cobaltstrike | 4dbdbb8a9cc35f27044523d7a20fe567cacb00659042f0e50425965541812051 | Triage

Sharing

General

Target

4dbdbb8a9cc35f27044523d7a20fe567cacb00659042f0e50425965541812051
Size

27KB
Sample

240419-tjcxbahe2t
MD5

564c73f2765a4f5bd6134aa3189f4142
SHA1

39d2a9669e73302fd4af2158e628b53a77a46e53
SHA256

4dbdbb8a9cc35f27044523d7a20fe567cacb00659042f0e50425965541812051
SHA512

70e7e7160b028c7e22ab3a1914d57ccf4e13ec62d851a22e205318e7230b52fd8307f570520f19fec1a9d6734696fd4d273889868db616e8f12d7be746fe3321
SSDEEP

768:PpbBpXotgy7ymlD6OIvj5TFqD3xncUcDReAs77n:RbBpYtg6B4OnD3xnfIeAs77n

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://120.78.65.206:44444/YIxC

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

Targets

- Target
  
  cfbbd4db0db3888b50c247e5f379fe039d6ce4c5a7fd7e2bbcc3b1b3e3b91ab9.exe
- Size
  
  69KB
- MD5
  
  c1fd6b9ef701223171455ad29515391c
- SHA1
  
  678e5becb958a33e4c59a3a5874d92863c6ba07e
- SHA256
  
  cfbbd4db0db3888b50c247e5f379fe039d6ce4c5a7fd7e2bbcc3b1b3e3b91ab9
- SHA512
  
  7aaec185bac26e84e08ed545f267fa6d12f03d7f20f9610302f1194f89efad5ada85cc415bdbec3d13915b4f15b6694fc8affff344fb79ef9b520c2a9497cfb7
- SSDEEP
  
  1536:s1XpZVSnbOAgKU3mQ/dmlz+eJ2srKVrl:s1X3QSXnWJ7N6
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan