cobaltstrike | 8d1a8c20fa1bd4362850a0cd56aba820b880f6dc9785d2879f8d297c8fb72173 | Triage

Sharing

General

Target

8d1a8c20fa1bd4362850a0cd56aba820b880f6dc9785d2879f8d297c8fb72173
Size

3.4MB
Sample

240419-bny18scd73
MD5

96b2062c11029d99647e28a1495d65a4
SHA1

d03fee7294071f6ca36778dbc68eefd4fd035558
SHA256

8d1a8c20fa1bd4362850a0cd56aba820b880f6dc9785d2879f8d297c8fb72173
SHA512

616cc333e1ea98fceceaefd03344a9177d5a7d45a92309e686afacce60aa506eddc5cab82cdf22a6e1e8f6a0a78eaab5e0659d38451e10639af6eb157a5d625d
SSDEEP

24576:Iv6tEPbHssBXoTgBH6dr+bDNC2E+Q2B5Yq8sQb33EfHDEC1QxMrjyT0hz/0NmdpY:aPzhBXJEdrE53qs4vCvzSmXm9x0KpTH

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://43.138.236.20:89/iEVY

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 2.0.50727)

Targets

- Target
  
  8d1a8c20fa1bd4362850a0cd56aba820b880f6dc9785d2879f8d297c8fb72173
- Size
  
  3.4MB
- MD5
  
  96b2062c11029d99647e28a1495d65a4
- SHA1
  
  d03fee7294071f6ca36778dbc68eefd4fd035558
- SHA256
  
  8d1a8c20fa1bd4362850a0cd56aba820b880f6dc9785d2879f8d297c8fb72173
- SHA512
  
  616cc333e1ea98fceceaefd03344a9177d5a7d45a92309e686afacce60aa506eddc5cab82cdf22a6e1e8f6a0a78eaab5e0659d38451e10639af6eb157a5d625d
- SSDEEP
  
  24576:Iv6tEPbHssBXoTgBH6dr+bDNC2E+Q2B5Yq8sQb33EfHDEC1QxMrjyT0hz/0NmdpY:aPzhBXJEdrE53qs4vCvzSmXm9x0KpTH
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan