cobaltstrike | fb2ad7a7a0b243af4aa4f965a8fcec904cd4888f90a018631a65ac35e7af4e3a | Triage

Sharing

General

Target

fb2ad7a7a0b243af4aa4f965a8fcec904cd4888f90a018631a65ac35e7af4e3a
Size

105KB
Sample

240418-hzyceaff8y
MD5

3945b32fae7855ea82a0f398ce1a41b9
SHA1

819e109602a2c5b0ec84e66cf4bb5685fe4b20a1
SHA256

fb2ad7a7a0b243af4aa4f965a8fcec904cd4888f90a018631a65ac35e7af4e3a
SHA512

845275550afbea2e24672a33c1279d2259c69806628b2831c73d4fdd9a844f2d7547a736c3b56a6da7d884d4f13450b64e319f3b14e08ca5dc6cc2aaf0939bf8
SSDEEP

3072:tPKWSeTzqu1ZSAePEBImUzHJG/WPIHsQI6:AWSeTzqaZTVBIVbAOQHsQI6

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.1.2.129:123/BRWr

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)

Targets

- Target
  
  fb2ad7a7a0b243af4aa4f965a8fcec904cd4888f90a018631a65ac35e7af4e3a
- Size
  
  105KB
- MD5
  
  3945b32fae7855ea82a0f398ce1a41b9
- SHA1
  
  819e109602a2c5b0ec84e66cf4bb5685fe4b20a1
- SHA256
  
  fb2ad7a7a0b243af4aa4f965a8fcec904cd4888f90a018631a65ac35e7af4e3a
- SHA512
  
  845275550afbea2e24672a33c1279d2259c69806628b2831c73d4fdd9a844f2d7547a736c3b56a6da7d884d4f13450b64e319f3b14e08ca5dc6cc2aaf0939bf8
- SSDEEP
  
  3072:tPKWSeTzqu1ZSAePEBImUzHJG/WPIHsQI6:AWSeTzqaZTVBIVbAOQHsQI6
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan