cobaltstrike | 36bcb36342c539e351fa71aef33a9daf80abdd1d08cddfab66c5b3c92b0fb0cd | Triage

Sharing

General

Target

ops.zip
Size

8KB
Sample

240425-db4gasea48
MD5

0fb2ec1fe288d761a2ea7dcc3c181542
SHA1

49f04c37fc098c0528c287dbe0b57727baba220a
SHA256

36bcb36342c539e351fa71aef33a9daf80abdd1d08cddfab66c5b3c92b0fb0cd
SHA512

93f5fa34f471883d5cc2652a1d4e9e9758a50bca499c3544b48221175e4e3aca0c7d403e77b753f9317ac2b69f1bc5356a01447edb634930af647d79b1553df2
SSDEEP

192:p/X56vc24f4AJHGT4fHJtG8CH5z1nDonyx9PqxyEpYTMnS8s4961G:FJ6CmT4/tCH5zlDt9PiyEJS8s49B

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://104.244.76.13:443/iu5J

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/5.0)

Targets

- Target
  
  download.dat
- Size
  
  19KB
- MD5
  
  ea64df29c5b027274076e3ff2f499a0e
- SHA1
  
  6cb3c2265c8957ac6a0a8db2f283e8743e7ad210
- SHA256
  
  a824dc02a2d805f9c474dd4790222523f433650fa11a3fd46c0834c1e1d97d61
- SHA512
  
  95b8b99998d0286f92f2c6121ba8ab5cfd171cdc1153a1a5f5ea5e6635c2593657acc2e228f6d38caee6ba8948ee7fafbf4928fe45a391b824a4f69e3004699f
- SSDEEP
  
  192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2zOmKi0VWF8qa1Dojjgi:iqaCF31cix+Dc4zjyOmKGFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan