cobaltstrike | dcbe171a2e38f913ce05485acebdc4a06a315632ca7a309e40cf5a7b0167d0a8 | Triage

Sharing

General

Target

dcbe171a2e38f913ce05485acebdc4a06a315632ca7a309e40cf5a7b0167d0a8
Size

19KB
Sample

240422-yz9nfaff35
MD5

d9de76510b65a2ab93f10b182172ce52
SHA1

5f6c6f38971fed09b9ef3d013d9971b93aa0a953
SHA256

dcbe171a2e38f913ce05485acebdc4a06a315632ca7a309e40cf5a7b0167d0a8
SHA512

f0bc34cf0365ffa9225ac28b9724a383dc37a5ed7536a27231f0bc105d0990e94ebb24041d485d2f68204852f6c5ad3bb4a3c19b8ead4be94de3f4f7e32399a5
SSDEEP

192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2pYWWWF8qa1Dojjgi:HqaCF31cix+Dc4zj49nFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.233.130:80/sXDN

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch)

Targets

- Target
  
  dcbe171a2e38f913ce05485acebdc4a06a315632ca7a309e40cf5a7b0167d0a8
- Size
  
  19KB
- MD5
  
  d9de76510b65a2ab93f10b182172ce52
- SHA1
  
  5f6c6f38971fed09b9ef3d013d9971b93aa0a953
- SHA256
  
  dcbe171a2e38f913ce05485acebdc4a06a315632ca7a309e40cf5a7b0167d0a8
- SHA512
  
  f0bc34cf0365ffa9225ac28b9724a383dc37a5ed7536a27231f0bc105d0990e94ebb24041d485d2f68204852f6c5ad3bb4a3c19b8ead4be94de3f4f7e32399a5
- SSDEEP
  
  192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2pYWWWF8qa1Dojjgi:HqaCF31cix+Dc4zj49nFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan