cobaltstrike | f31a5c2c5a42d02164b9cbe2eff89de470e67452518e68cb677f3b4619f35e7e | Triage

Sharing

General

Target

f31a5c2c5a42d02164b9cbe2eff89de470e67452518e68cb677f3b4619f35e7e
Size

1.4MB
Sample

240425-trs89sce38
MD5

197cc5a3498abe4b3d866508a5e7b843
SHA1

9c7c38f45e436849ff5d037c5d83ef373702f333
SHA256

f31a5c2c5a42d02164b9cbe2eff89de470e67452518e68cb677f3b4619f35e7e
SHA512

9c2059cd593d2c2f26ceba63a8a7cfb2a21011016a4a4600fac3a68750264e495ed897c81bf15b15694469b5c3e9fd44d6e3484010664af72bfdd65cf530e426
SSDEEP

24576:vH9i15Cp9KNNoLoL6LOBep0/DgYgy78paULD1:vyCuNmcLgOQ0kYgy47LD1

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.50.116:1234/7tMe

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)

Targets

- Target
  
  f31a5c2c5a42d02164b9cbe2eff89de470e67452518e68cb677f3b4619f35e7e
- Size
  
  1.4MB
- MD5
  
  197cc5a3498abe4b3d866508a5e7b843
- SHA1
  
  9c7c38f45e436849ff5d037c5d83ef373702f333
- SHA256
  
  f31a5c2c5a42d02164b9cbe2eff89de470e67452518e68cb677f3b4619f35e7e
- SHA512
  
  9c2059cd593d2c2f26ceba63a8a7cfb2a21011016a4a4600fac3a68750264e495ed897c81bf15b15694469b5c3e9fd44d6e3484010664af72bfdd65cf530e426
- SSDEEP
  
  24576:vH9i15Cp9KNNoLoL6LOBep0/DgYgy78paULD1:vyCuNmcLgOQ0kYgy47LD1
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan