cobaltstrike | 3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64 | Triage

Sharing

General

Target

3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64
Size

19KB
Sample

240424-ewg98seg8s
MD5

fe5ac8d46f29927d2cee708cf0294658
SHA1

a6f3a32ed8d40557cd7de7df3f7cf233cd50cdd4
SHA256

3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64
SHA512

9eb48a36aef65f1e60595648d967bcfde24fcb83955790b52006aa5e537507098928afe5823f19832753f52ceaf0eb0642369a071a75446db8d0c26daa3b59ac
SSDEEP

192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JTsWF8qa1Dojjgi:HqaCF31cix+Dc4zj6TJFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.56:99/PJuN

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MANM; MANM)

Targets

- Target
  
  3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64
- Size
  
  19KB
- MD5
  
  fe5ac8d46f29927d2cee708cf0294658
- SHA1
  
  a6f3a32ed8d40557cd7de7df3f7cf233cd50cdd4
- SHA256
  
  3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64
- SHA512
  
  9eb48a36aef65f1e60595648d967bcfde24fcb83955790b52006aa5e537507098928afe5823f19832753f52ceaf0eb0642369a071a75446db8d0c26daa3b59ac
- SSDEEP
  
  192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JTsWF8qa1Dojjgi:HqaCF31cix+Dc4zj6TJFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan