cobaltstrike | 74a534ade213631209a942aff165cf5029297b8e2ec82e4d1770b9d1abf3d539 | Triage

Sharing

General

Target

74a534ade213631209a942aff165cf5029297b8e2ec82e4d1770b9d1abf3d539
Size

19KB
Sample

240425-vsb7tada53
MD5

d741f89842765bd5810afe9dcd1e60a2
SHA1

1553ec3e34130bde1693787aeebbdc3f1bf68438
SHA256

74a534ade213631209a942aff165cf5029297b8e2ec82e4d1770b9d1abf3d539
SHA512

db3cd1d28e8328804e86a92ca87a505963ecc0acdac9acc6084764c4e95220be3a704ca71bf79fb8fb35606c12a073578706dfe32b33af8d05800cd2b08194c1
SSDEEP

192:uV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26q0x2HWF8qa1Dojjgi:4qaCF31cix+Dc4zjk0g2FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.235.128:80/YvKC

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)

Targets

- Target
  
  74a534ade213631209a942aff165cf5029297b8e2ec82e4d1770b9d1abf3d539
- Size
  
  19KB
- MD5
  
  d741f89842765bd5810afe9dcd1e60a2
- SHA1
  
  1553ec3e34130bde1693787aeebbdc3f1bf68438
- SHA256
  
  74a534ade213631209a942aff165cf5029297b8e2ec82e4d1770b9d1abf3d539
- SHA512
  
  db3cd1d28e8328804e86a92ca87a505963ecc0acdac9acc6084764c4e95220be3a704ca71bf79fb8fb35606c12a073578706dfe32b33af8d05800cd2b08194c1
- SSDEEP
  
  192:uV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26q0x2HWF8qa1Dojjgi:4qaCF31cix+Dc4zjk0g2FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan