cobaltstrike | 9660afbfc932a8a0496fea749d6bede83cdbf6dc9df09e6fa4b17158bb6052b4 | Triage

Sharing

General

Target

9660afbfc932a8a0496fea749d6bede83cdbf6dc9df09e6fa4b17158bb6052b4
Size

19KB
Sample

240425-l92pcshg3s
MD5

12dde48876d1ace883f06342c0afeb6d
SHA1

4d6b948af4c1ad3fe9dec3ad6ce9d0a90ac2c85e
SHA256

9660afbfc932a8a0496fea749d6bede83cdbf6dc9df09e6fa4b17158bb6052b4
SHA512

186b3d010f395cda5f3372f9842b473118c385a7e9253fc03191637d026bbb4523bf3851412a1a7c89aee3d2af576751e3b0201448622c5b1137b2d3664d73ce
SSDEEP

192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JTgWF8qa1Dojjgi:EqaCF31cix+Dc4zjGTlFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://120.24.173.178:8023/lQ4l

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)

Targets

- Target
  
  9660afbfc932a8a0496fea749d6bede83cdbf6dc9df09e6fa4b17158bb6052b4
- Size
  
  19KB
- MD5
  
  12dde48876d1ace883f06342c0afeb6d
- SHA1
  
  4d6b948af4c1ad3fe9dec3ad6ce9d0a90ac2c85e
- SHA256
  
  9660afbfc932a8a0496fea749d6bede83cdbf6dc9df09e6fa4b17158bb6052b4
- SHA512
  
  186b3d010f395cda5f3372f9842b473118c385a7e9253fc03191637d026bbb4523bf3851412a1a7c89aee3d2af576751e3b0201448622c5b1137b2d3664d73ce
- SSDEEP
  
  192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JTgWF8qa1Dojjgi:EqaCF31cix+Dc4zjGTlFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan