cobaltstrike | 731aa61f9230d79c2158cb4137fed1ebb265b216741e3470bb5fd7007d469bc4 | Triage

Sharing

General

Target

731aa61f9230d79c2158cb4137fed1ebb265b216741e3470bb5fd7007d469bc4
Size

1.8MB
Sample

240426-maewzsec25
MD5

7ec80578d30c4c196c4f09cc1953f0ff
SHA1

61568d0f613c11771136a1cf920d01be655262f8
SHA256

731aa61f9230d79c2158cb4137fed1ebb265b216741e3470bb5fd7007d469bc4
SHA512

68d831737eebc5874da0a38de71a22832340b847e26b85fe711202e24d0e06bfaeff86c1fd9d4d3fb8d5a73633bc05824a8a4a8fc25d9ab2ea9cf6a2b8a8ce47
SSDEEP

24576:W5D6tyZWA4w/50Ihf8N5X9P4NOD1Ql3iX0Ix9kLxjNV85:KOtysA4ml6F1QFipnCe5

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.105:80/bGdP

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MDDRJS)

Targets

- Target
  
  731aa61f9230d79c2158cb4137fed1ebb265b216741e3470bb5fd7007d469bc4
- Size
  
  1.8MB
- MD5
  
  7ec80578d30c4c196c4f09cc1953f0ff
- SHA1
  
  61568d0f613c11771136a1cf920d01be655262f8
- SHA256
  
  731aa61f9230d79c2158cb4137fed1ebb265b216741e3470bb5fd7007d469bc4
- SHA512
  
  68d831737eebc5874da0a38de71a22832340b847e26b85fe711202e24d0e06bfaeff86c1fd9d4d3fb8d5a73633bc05824a8a4a8fc25d9ab2ea9cf6a2b8a8ce47
- SSDEEP
  
  24576:W5D6tyZWA4w/50Ihf8N5X9P4NOD1Ql3iX0Ix9kLxjNV85:KOtysA4ml6F1QFipnCe5
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan