cobaltstrike | 32cac5f118adf7c691af5fc258c065390f3c18f13d08ffc85c711301bf2e37a7 | Triage

Sharing

General

Target

32cac5f118adf7c691af5fc258c065390f3c18f13d08ffc85c711301bf2e37a7
Size

19KB
Sample

240419-bnnkhacd56
MD5

0b2d29fd9afacc8020775fbbf85b4993
SHA1

861187ae6bdf953357b20ea300f0e99d40eaa518
SHA256

32cac5f118adf7c691af5fc258c065390f3c18f13d08ffc85c711301bf2e37a7
SHA512

8d65777100626e18a74d10374dd0cdec096e6e210067fb9130fb8b8d5099a1704532cce6227f331112e26686910a6f94de35b3e383830a73a177c20da072c6e0
SSDEEP

192:cV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20ctWF8qa1Dojjgi:+qaCF31cix+Dc4zjkAFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.120.63.211:80/Kns1

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP09; NP09; MAAU)

Targets

- Target
  
  32cac5f118adf7c691af5fc258c065390f3c18f13d08ffc85c711301bf2e37a7
- Size
  
  19KB
- MD5
  
  0b2d29fd9afacc8020775fbbf85b4993
- SHA1
  
  861187ae6bdf953357b20ea300f0e99d40eaa518
- SHA256
  
  32cac5f118adf7c691af5fc258c065390f3c18f13d08ffc85c711301bf2e37a7
- SHA512
  
  8d65777100626e18a74d10374dd0cdec096e6e210067fb9130fb8b8d5099a1704532cce6227f331112e26686910a6f94de35b3e383830a73a177c20da072c6e0
- SSDEEP
  
  192:cV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20ctWF8qa1Dojjgi:+qaCF31cix+Dc4zjkAFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan