cobaltstrike | beacbd37de2a5a0078ccc59fec2e352e9f8bcb59575a869ad57a8b18f9552a9b | Triage

Sharing

General

Target

beacbd37de2a5a0078ccc59fec2e352e9f8bcb59575a869ad57a8b18f9552a9b
Size

19KB
Sample

240425-h22slsgf93
MD5

984a5c0e29bdaa65141d884e83a4ff22
SHA1

556f576ff1e056a13e030d3b30c374d5abf4db8a
SHA256

beacbd37de2a5a0078ccc59fec2e352e9f8bcb59575a869ad57a8b18f9552a9b
SHA512

6ee9fcf2369df7ad557c0ad90a2553c60d95569325890eb1a3d990db9fa12e5f11672c3ea7ab3e31258c7ab73e369eed39c21051b0df5b22a6b983e2281c4e2a
SSDEEP

192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ArRFsCDqR698WF8qa1Dojjgi:5qaCF31cix+Dc4zj3176OFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.99.77.52:8088/8Mfr

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MALNJS)

Targets

- Target
  
  beacbd37de2a5a0078ccc59fec2e352e9f8bcb59575a869ad57a8b18f9552a9b
- Size
  
  19KB
- MD5
  
  984a5c0e29bdaa65141d884e83a4ff22
- SHA1
  
  556f576ff1e056a13e030d3b30c374d5abf4db8a
- SHA256
  
  beacbd37de2a5a0078ccc59fec2e352e9f8bcb59575a869ad57a8b18f9552a9b
- SHA512
  
  6ee9fcf2369df7ad557c0ad90a2553c60d95569325890eb1a3d990db9fa12e5f11672c3ea7ab3e31258c7ab73e369eed39c21051b0df5b22a6b983e2281c4e2a
- SSDEEP
  
  192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ArRFsCDqR698WF8qa1Dojjgi:5qaCF31cix+Dc4zj3176OFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan