cobaltstrike | 5d972505a8fe39eed3ed7698fb013178850dcd0e7118a57482d48920004f982c | Triage

Sharing

General

Target

5d972505a8fe39eed3ed7698fb013178850dcd0e7118a57482d48920004f982c.exe
Size

3.7MB
Sample

240519-mh3ysaec4x
MD5

f07de60ec6afa06380af7d5015ea68f4
SHA1

79024b0a2af2b91cd69e5b12a12916f2abcee9a4
SHA256

5d972505a8fe39eed3ed7698fb013178850dcd0e7118a57482d48920004f982c
SHA512

624b8a3dc30f3e7a2707ceca064dce85d8ae9fa0b64aca787f4358e7269e361b26ed177518b3d2f04c10d9bf956ae878367bd428114bdad2d27f5d724f58f977
SSDEEP

49152:JOgbY3Q56s/j/OJpj/oblGsn1IZyWs2a0yNxxrZpG:XN/rwxofQyya04

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://128.199.184.87:9875/Pnf9

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)

Targets

- Target
  
  5d972505a8fe39eed3ed7698fb013178850dcd0e7118a57482d48920004f982c.exe
- Size
  
  3.7MB
- MD5
  
  f07de60ec6afa06380af7d5015ea68f4
- SHA1
  
  79024b0a2af2b91cd69e5b12a12916f2abcee9a4
- SHA256
  
  5d972505a8fe39eed3ed7698fb013178850dcd0e7118a57482d48920004f982c
- SHA512
  
  624b8a3dc30f3e7a2707ceca064dce85d8ae9fa0b64aca787f4358e7269e361b26ed177518b3d2f04c10d9bf956ae878367bd428114bdad2d27f5d724f58f977
- SSDEEP
  
  49152:JOgbY3Q56s/j/OJpj/oblGsn1IZyWs2a0yNxxrZpG:XN/rwxofQyya04
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan