cobaltstrike | 91862550acadbd5ec3a60f000332234fb0f05121ab9774a9ed554cbd9d4fec3c | Triage

Sharing

General

Target

91862550acadbd5ec3a60f000332234fb0f05121ab9774a9ed554cbd9d4fec3c
Size

555KB
Sample

240425-asbaascb94
MD5

e5664fa0b392251b484b92789b88a542
SHA1

62dc8406a8b28f713650a23c5e00261d72c61cb1
SHA256

91862550acadbd5ec3a60f000332234fb0f05121ab9774a9ed554cbd9d4fec3c
SHA512

095b25c450414af85f6301efe4671c747a4fceb471871f3be0aed394fa2e8bb12c86ce0dcd481425b15bdb747ed77866830c2957b3f4dfa6f6e4e9ce4c585ebe
SSDEEP

12288:HkEp3gos8uXY4cO/gqhd+3C5+qQUjJUU4QdxIYDdtWnI+NKnw/L1:HkEp3W8AD/Dhd+y4lqJ8QdCYDoDNKn01

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.11:80/i2oS

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  91862550acadbd5ec3a60f000332234fb0f05121ab9774a9ed554cbd9d4fec3c
- Size
  
  555KB
- MD5
  
  e5664fa0b392251b484b92789b88a542
- SHA1
  
  62dc8406a8b28f713650a23c5e00261d72c61cb1
- SHA256
  
  91862550acadbd5ec3a60f000332234fb0f05121ab9774a9ed554cbd9d4fec3c
- SHA512
  
  095b25c450414af85f6301efe4671c747a4fceb471871f3be0aed394fa2e8bb12c86ce0dcd481425b15bdb747ed77866830c2957b3f4dfa6f6e4e9ce4c585ebe
- SSDEEP
  
  12288:HkEp3gos8uXY4cO/gqhd+3C5+qQUjJUU4QdxIYDdtWnI+NKnw/L1:HkEp3W8AD/Dhd+y4lqJ8QdCYDoDNKn01
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan