cobaltstrike | f9141cb660859120c823abac70f00249fd7a99a71662017ecd6175f87144d39c | Triage

Sharing

General

Target

f9141cb660859120c823abac70f00249fd7a99a71662017ecd6175f87144d39c
Size

19KB
Sample

240419-mkxvjshe8t
MD5

3447066f2899e468ec3f3689105f1e5d
SHA1

7fcdc2e7e916f0098401327064baa1914bfecc10
SHA256

f9141cb660859120c823abac70f00249fd7a99a71662017ecd6175f87144d39c
SHA512

01ee32b4bac365982fae9a11d4307b7a8a5202d5c97d0bd10f822d966706e84144afe76026f832f9ca467c48ed4d5d717116c11a499fe8628d0465fad8ca3fbc
SSDEEP

192:vV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26tblLah8HWF8qa1Dojjgi:pqaCF31cix+Dc4zjft1IFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://103.97.58.61:80/Ta9o

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; QQDownload 733; InfoPath.2)

Targets

- Target
  
  f9141cb660859120c823abac70f00249fd7a99a71662017ecd6175f87144d39c
- Size
  
  19KB
- MD5
  
  3447066f2899e468ec3f3689105f1e5d
- SHA1
  
  7fcdc2e7e916f0098401327064baa1914bfecc10
- SHA256
  
  f9141cb660859120c823abac70f00249fd7a99a71662017ecd6175f87144d39c
- SHA512
  
  01ee32b4bac365982fae9a11d4307b7a8a5202d5c97d0bd10f822d966706e84144afe76026f832f9ca467c48ed4d5d717116c11a499fe8628d0465fad8ca3fbc
- SSDEEP
  
  192:vV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26tblLah8HWF8qa1Dojjgi:pqaCF31cix+Dc4zjft1IFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan