cobaltstrike | 047f350dab43780eda39ecb7728a6d44db34f1bd58f8831ae0e8fe18f38fe1c9 | Triage

Sharing

General

Target

047f350dab43780eda39ecb7728a6d44db34f1bd58f8831ae0e8fe18f38fe1c9
Size

1.4MB
Sample

240425-trwpdsce42
MD5

73ffae0229d5e0901d4359be513902f7
SHA1

9fe41902fe437a30052c40e10568bf735aa38832
SHA256

047f350dab43780eda39ecb7728a6d44db34f1bd58f8831ae0e8fe18f38fe1c9
SHA512

77f28cbdd6c84c263866e0df940d24c4fffa9f00bb1923843f099b4ff5b38de4e30ea3b505657adec68b6722834375dcd213492d910c31a0f322b6393be69c27
SSDEEP

24576:qJWDzIPdTtk+8rd6n+BOwDNOlRrEjkdy7kdnm+:3DzIF4siOflRgjkdbBm+

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.156.130:80/yTHH

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

Targets

- Target
  
  047f350dab43780eda39ecb7728a6d44db34f1bd58f8831ae0e8fe18f38fe1c9
- Size
  
  1.4MB
- MD5
  
  73ffae0229d5e0901d4359be513902f7
- SHA1
  
  9fe41902fe437a30052c40e10568bf735aa38832
- SHA256
  
  047f350dab43780eda39ecb7728a6d44db34f1bd58f8831ae0e8fe18f38fe1c9
- SHA512
  
  77f28cbdd6c84c263866e0df940d24c4fffa9f00bb1923843f099b4ff5b38de4e30ea3b505657adec68b6722834375dcd213492d910c31a0f322b6393be69c27
- SSDEEP
  
  24576:qJWDzIPdTtk+8rd6n+BOwDNOlRrEjkdy7kdnm+:3DzIF4siOflRgjkdbBm+
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan