cobaltstrike | d9f972c00cc00af4014a6d769becf9caa224801e3f85365b5eae4fc861383ad6 | Triage

Sharing

General

Target

d9f972c00cc00af4014a6d769becf9caa224801e3f85365b5eae4fc861383ad6
Size

19KB
Sample

240425-ncdx5sab55
MD5

0a3c43ce3d4601f8d2c5245b90febde3
SHA1

a5fc08d5482fdbf616f21d531216e997b4f0a32d
SHA256

d9f972c00cc00af4014a6d769becf9caa224801e3f85365b5eae4fc861383ad6
SHA512

db2967bb2cd54b7fa2c24c64720874ce2220144329fbce4eac42e7a3344e931ff8664d0813d7b5998fd39b5ea70ab3359674c2032fa9f9aefcb144e7573e9b1d
SSDEEP

192:9V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2CnbLCGWF8qa1Dojjgi:vqaCF31cix+Dc4zjdWFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://120.24.173.178:80/3izG

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)

Targets

- Target
  
  d9f972c00cc00af4014a6d769becf9caa224801e3f85365b5eae4fc861383ad6
- Size
  
  19KB
- MD5
  
  0a3c43ce3d4601f8d2c5245b90febde3
- SHA1
  
  a5fc08d5482fdbf616f21d531216e997b4f0a32d
- SHA256
  
  d9f972c00cc00af4014a6d769becf9caa224801e3f85365b5eae4fc861383ad6
- SHA512
  
  db2967bb2cd54b7fa2c24c64720874ce2220144329fbce4eac42e7a3344e931ff8664d0813d7b5998fd39b5ea70ab3359674c2032fa9f9aefcb144e7573e9b1d
- SSDEEP
  
  192:9V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2CnbLCGWF8qa1Dojjgi:vqaCF31cix+Dc4zjdWFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan