cobaltstrike | f3d03ee3db800031c343c0e800a433192b41b20673b5e6f42b51476293357575 | Triage

Sharing

General

Target

f3d03ee3db800031c343c0e800a433192b41b20673b5e6f42b51476293357575
Size

19KB
Sample

240419-mfj3wsga54
MD5

a35115569b8216c827f9d05833a4f194
SHA1

b63267f4810010cdda0b6ce0dacb52af9191af8b
SHA256

f3d03ee3db800031c343c0e800a433192b41b20673b5e6f42b51476293357575
SHA512

d4bb58988f1435694cb1928c1511ee59871ef5721ad111b8b360b87a881570311cd3095fa396150025128e8e6996b5523307fc94b3078e49055e45e1bc61f534
SSDEEP

192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2fx2gHIvN2WF8qa1Dojjgi:iqaCF31cix+Dc4zjox2FvhFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.155.128:9999/QNUi

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)

Targets

- Target
  
  f3d03ee3db800031c343c0e800a433192b41b20673b5e6f42b51476293357575
- Size
  
  19KB
- MD5
  
  a35115569b8216c827f9d05833a4f194
- SHA1
  
  b63267f4810010cdda0b6ce0dacb52af9191af8b
- SHA256
  
  f3d03ee3db800031c343c0e800a433192b41b20673b5e6f42b51476293357575
- SHA512
  
  d4bb58988f1435694cb1928c1511ee59871ef5721ad111b8b360b87a881570311cd3095fa396150025128e8e6996b5523307fc94b3078e49055e45e1bc61f534
- SSDEEP
  
  192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2fx2gHIvN2WF8qa1Dojjgi:iqaCF31cix+Dc4zjox2FvhFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan