cobaltstrike | 212e700866e06793829e401318066b0892b57b51f1c4e8f968171f6b556983b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

212e700866e06793829e401318066b0892b57b51f1c4e8f968171f6b556983b6
Size

19KB
Sample

240505-nccp3sgc6w
MD5

1fcc8bc7e8882c9ec967381304fa7692
SHA1

14ca910f30c318346276cc47d84a682bc5af1a1a
SHA256

212e700866e06793829e401318066b0892b57b51f1c4e8f968171f6b556983b6
SHA512

82ddb1bef32c14c69cfaf9fb501458e3d4b3053230d9559ba7070e856c4b6c54e93542759ec6b21874020bc23f78b7a480a224e143cf3ab768212a4d59ed3f57
SSDEEP

192:cV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/25+Jyz9r/WF8qa1Dojjgi:+qaCF31cix+Dc4zjgzoFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.65.129:443/messages/DALBSF25

Attributes

user_agent
Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko)

Targets

- Target
  
  212e700866e06793829e401318066b0892b57b51f1c4e8f968171f6b556983b6
- Size
  
  19KB
- MD5
  
  1fcc8bc7e8882c9ec967381304fa7692
- SHA1
  
  14ca910f30c318346276cc47d84a682bc5af1a1a
- SHA256
  
  212e700866e06793829e401318066b0892b57b51f1c4e8f968171f6b556983b6
- SHA512
  
  82ddb1bef32c14c69cfaf9fb501458e3d4b3053230d9559ba7070e856c4b6c54e93542759ec6b21874020bc23f78b7a480a224e143cf3ab768212a4d59ed3f57
- SSDEEP
  
  192:cV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/25+Jyz9r/WF8qa1Dojjgi:+qaCF31cix+Dc4zjgzoFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan