cobaltstrike | 710c39471a84e0530e81534fce3150a081710975fef688ab105b098fb206369b | Triage

Sharing

General

Target

710c39471a84e0530e81534fce3150a081710975fef688ab105b098fb206369b
Size

19KB
Sample

240426-mdf88aec61
MD5

6ba91b11cce2b3d750a76d6d260a12b3
SHA1

74e0223ffeb146dcf167a223b3d54dade7eddf66
SHA256

710c39471a84e0530e81534fce3150a081710975fef688ab105b098fb206369b
SHA512

c60d4fc5794d9017185c2d3bc8a437c2bf6866c60b7a81fa1387e406deab399d3276744f2d5f728c6ae5aa939b6310a16c60b6b53a6c9f7fd8c0b4538c537076
SSDEEP

192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2FINrKDOWF8qa1Dojjgi:iqaCF31cix+Dc4zjzNrqvFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.34.32:5555/PWoG

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

Targets

- Target
  
  710c39471a84e0530e81534fce3150a081710975fef688ab105b098fb206369b
- Size
  
  19KB
- MD5
  
  6ba91b11cce2b3d750a76d6d260a12b3
- SHA1
  
  74e0223ffeb146dcf167a223b3d54dade7eddf66
- SHA256
  
  710c39471a84e0530e81534fce3150a081710975fef688ab105b098fb206369b
- SHA512
  
  c60d4fc5794d9017185c2d3bc8a437c2bf6866c60b7a81fa1387e406deab399d3276744f2d5f728c6ae5aa939b6310a16c60b6b53a6c9f7fd8c0b4538c537076
- SSDEEP
  
  192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2FINrKDOWF8qa1Dojjgi:iqaCF31cix+Dc4zjzNrqvFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan