cobaltstrike | 53ce8405f73176baefb696c0674e7c40a1ae995c53e38e21e84844413f419a17 | Triage

Sharing

General

Target

53ce8405f73176baefb696c0674e7c40a1ae995c53e38e21e84844413f419a17.exe
Size

2.1MB
Sample

240519-mfxzraea76
MD5

77a9d5b4135a0f4f03659c4b65985308
SHA1

5a78aae4de7f958b17afb78687bdfc5aabd95253
SHA256

53ce8405f73176baefb696c0674e7c40a1ae995c53e38e21e84844413f419a17
SHA512

2cf11f5995a549fd2e55b54fb210758c1155e39d93922cd1456ff0278868ebe8ace12e2f10ddb680f2b9377a1781058c557820cfc758ecbf23f9a1577da2120b
SSDEEP

24576:yuDCEcSRZqqJFL9njBIhVJwlzzRfNikVIsz+hx2VIdJGUgDFzvIabIFubZTzukbi:fPcSR9JjjySI0+TdtKGubZ+Q

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://172.16.1.106:9001/xPOF

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)

Targets

- Target
  
  53ce8405f73176baefb696c0674e7c40a1ae995c53e38e21e84844413f419a17.exe
- Size
  
  2.1MB
- MD5
  
  77a9d5b4135a0f4f03659c4b65985308
- SHA1
  
  5a78aae4de7f958b17afb78687bdfc5aabd95253
- SHA256
  
  53ce8405f73176baefb696c0674e7c40a1ae995c53e38e21e84844413f419a17
- SHA512
  
  2cf11f5995a549fd2e55b54fb210758c1155e39d93922cd1456ff0278868ebe8ace12e2f10ddb680f2b9377a1781058c557820cfc758ecbf23f9a1577da2120b
- SSDEEP
  
  24576:yuDCEcSRZqqJFL9njBIhVJwlzzRfNikVIsz+hx2VIdJGUgDFzvIabIFubZTzukbi:fPcSR9JjjySI0+TdtKGubZ+Q
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan