cobaltstrike | bc62b5fd60cbb051d9ea8bf2125d2fa1a95d7127b20bf4bbb2f85fc22e8dd254 | Triage

Sharing

General

Target

bc62b5fd60cbb051d9ea8bf2125d2fa1a95d7127b20bf4bbb2f85fc22e8dd254
Size

1.4MB
Sample

240425-ttgm9ace58
MD5

65a183aca53e2fb020f9fc1a690156f6
SHA1

de5827f98d49015ad22e042c990f9c8647f499c0
SHA256

bc62b5fd60cbb051d9ea8bf2125d2fa1a95d7127b20bf4bbb2f85fc22e8dd254
SHA512

d45b62a431f75e292b529c57f7953b0a4979a6a9c0e311c9140e3d71d38e7fb419808416650157a8bf63b4dc98c2ae4e24a108bb1c065d1fbfe8ac4d5efba4ce
SSDEEP

24576:ylJX3zpeVjNk+8ry6SktAa8LfrdY1dK3vXmJzqK:UnzpetfDkKLfrdYjK/YzqK

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.156.130:80/yTHH

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

Targets

- Target
  
  bc62b5fd60cbb051d9ea8bf2125d2fa1a95d7127b20bf4bbb2f85fc22e8dd254
- Size
  
  1.4MB
- MD5
  
  65a183aca53e2fb020f9fc1a690156f6
- SHA1
  
  de5827f98d49015ad22e042c990f9c8647f499c0
- SHA256
  
  bc62b5fd60cbb051d9ea8bf2125d2fa1a95d7127b20bf4bbb2f85fc22e8dd254
- SHA512
  
  d45b62a431f75e292b529c57f7953b0a4979a6a9c0e311c9140e3d71d38e7fb419808416650157a8bf63b4dc98c2ae4e24a108bb1c065d1fbfe8ac4d5efba4ce
- SSDEEP
  
  24576:ylJX3zpeVjNk+8ry6SktAa8LfrdY1dK3vXmJzqK:UnzpetfDkKLfrdYjK/YzqK
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan