cobaltstrike | 72bce98986d7d3a48821c7bb16ab531cdc0c8f019e31f028a310b1555961658f | Triage

Sharing

General

Target

72bce98986d7d3a48821c7bb16ab531cdc0c8f019e31f028a310b1555961658f
Size

19KB
Sample

240519-mghlfsea99
MD5

c9e2f6c1924a4a6fd5b03fa28bf1b906
SHA1

765f85eeb854c5a95f63ef8b69f4bede5adf26e3
SHA256

72bce98986d7d3a48821c7bb16ab531cdc0c8f019e31f028a310b1555961658f
SHA512

41e206c6b949c1e05304ea05e93115be269aa2173b8cc3cb95fd6855f0d3609034f95bacedca5c841d9394fd43f8f825c0a04e647b3f4f1e8a39c26f7fcc3b05
SSDEEP

192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/25yXFWF8qa1Dojjgi:3qaCF31cix+Dc4zjk6oFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.10.106:8080/UNXb

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; MANM)

Targets

- Target
  
  72bce98986d7d3a48821c7bb16ab531cdc0c8f019e31f028a310b1555961658f
- Size
  
  19KB
- MD5
  
  c9e2f6c1924a4a6fd5b03fa28bf1b906
- SHA1
  
  765f85eeb854c5a95f63ef8b69f4bede5adf26e3
- SHA256
  
  72bce98986d7d3a48821c7bb16ab531cdc0c8f019e31f028a310b1555961658f
- SHA512
  
  41e206c6b949c1e05304ea05e93115be269aa2173b8cc3cb95fd6855f0d3609034f95bacedca5c841d9394fd43f8f825c0a04e647b3f4f1e8a39c26f7fcc3b05
- SSDEEP
  
  192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/25yXFWF8qa1Dojjgi:3qaCF31cix+Dc4zjk6oFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan