cobaltstrike | 1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef | Triage

Sharing

General

Target

1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef
Size

41KB
Sample

240426-mbm9raec48
MD5

cc194205c5062ac0d2c5d2fa0c7317ed
SHA1

dec4287df781cdd736fdf71a7159853e577a64cb
SHA256

1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef
SHA512

6392f02a4a588621ba3a83f009c4c2c14f3eadc832d988f4ed2fda8c7082a0d6cc769b5918a193711a227f437968e96fa22100c451137a223082be8c6ca64b4d
SSDEEP

768:jBOZpWVJUNNua3RsFTcuvwpw49G7DetPG3hzXHFJQUdW:sQJUjua3y9wS49G7SG3QUd

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://43.154.174.99:44443/4tn3

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/2

Targets

- Target
  
  1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef
- Size
  
  41KB
- MD5
  
  cc194205c5062ac0d2c5d2fa0c7317ed
- SHA1
  
  dec4287df781cdd736fdf71a7159853e577a64cb
- SHA256
  
  1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef
- SHA512
  
  6392f02a4a588621ba3a83f009c4c2c14f3eadc832d988f4ed2fda8c7082a0d6cc769b5918a193711a227f437968e96fa22100c451137a223082be8c6ca64b4d
- SSDEEP
  
  768:jBOZpWVJUNNua3RsFTcuvwpw49G7DetPG3hzXHFJQUdW:sQJUjua3y9wS49G7SG3QUd
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan