cobaltstrike | 25f430fec2770b494c20991775a9e997b69a40a29726bb67147b747441156069 | Triage

Sharing

General

Target

25f430fec2770b494c20991775a9e997b69a40a29726bb67147b747441156069
Size

19KB
Sample

240419-mkjb6ahe4v
MD5

d3e6e0a03621d98a080de722309ad5f4
SHA1

092b069a5bc774141ec2d863b68a7dcae5d13b0d
SHA256

25f430fec2770b494c20991775a9e997b69a40a29726bb67147b747441156069
SHA512

76c0eecd7cbfd3628c32b44eb886e05029634f8bbf8a1fc761913630bb986bbf048800c8bee1f4426911af7090d6a25936837f84131de9df07323fff3fc29965
SSDEEP

192:QV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26U1+TWF8qa1Dojjgi:yqaCF31cix+Dc4zjxLqFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://42.142.170.25:8888/vTJI

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASB)

Targets

- Target
  
  25f430fec2770b494c20991775a9e997b69a40a29726bb67147b747441156069
- Size
  
  19KB
- MD5
  
  d3e6e0a03621d98a080de722309ad5f4
- SHA1
  
  092b069a5bc774141ec2d863b68a7dcae5d13b0d
- SHA256
  
  25f430fec2770b494c20991775a9e997b69a40a29726bb67147b747441156069
- SHA512
  
  76c0eecd7cbfd3628c32b44eb886e05029634f8bbf8a1fc761913630bb986bbf048800c8bee1f4426911af7090d6a25936837f84131de9df07323fff3fc29965
- SSDEEP
  
  192:QV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26U1+TWF8qa1Dojjgi:yqaCF31cix+Dc4zjxLqFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan