cobaltstrike | 54c66886b892d3e8b070ee240513c696002aa081be5d7e4deb5668e0f6f050d2 | Triage

Sharing

General

Target

54c66886b892d3e8b070ee240513c696002aa081be5d7e4deb5668e0f6f050d2
Size

19KB
Sample

240419-mjb7fsgd52
MD5

708e1a99bf427bd900663219f130e1a2
SHA1

19a4ee5c62307cf5f52fa749e742ca2b11c53d07
SHA256

54c66886b892d3e8b070ee240513c696002aa081be5d7e4deb5668e0f6f050d2
SHA512

eb8c3dcd4b66ffceb07910a3c37df375ad25df4a0df66a7e8abc205bfb26e1a2a4607311e28c7b6bbf249541e74ecee1770cd8611f51055aa5dcf6c19de306bb
SSDEEP

192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2hYJ38WF8qa1Dojjgi:IqaCF31cix+Dc4zjWYbFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.113.148.26:80/1ZXz

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.4; .NET4.0C)

Targets

- Target
  
  54c66886b892d3e8b070ee240513c696002aa081be5d7e4deb5668e0f6f050d2
- Size
  
  19KB
- MD5
  
  708e1a99bf427bd900663219f130e1a2
- SHA1
  
  19a4ee5c62307cf5f52fa749e742ca2b11c53d07
- SHA256
  
  54c66886b892d3e8b070ee240513c696002aa081be5d7e4deb5668e0f6f050d2
- SHA512
  
  eb8c3dcd4b66ffceb07910a3c37df375ad25df4a0df66a7e8abc205bfb26e1a2a4607311e28c7b6bbf249541e74ecee1770cd8611f51055aa5dcf6c19de306bb
- SSDEEP
  
  192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2hYJ38WF8qa1Dojjgi:IqaCF31cix+Dc4zjWYbFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan