cobaltstrike | 4b3a3d64ac35a3ef4c2f4d386a65651d2519a9a6485492548b6cef77afcec228 | Triage

Sharing

General

Target

4b3a3d64ac35a3ef4c2f4d386a65651d2519a9a6485492548b6cef77afcec228
Size

1.3MB
Sample

240519-qjt9taad3t
MD5

6032eaf438a7546ebbad8d8e7b2a9e37
SHA1

90442f1b245f6ad02cf8b16489c0f556d0f198d5
SHA256

4b3a3d64ac35a3ef4c2f4d386a65651d2519a9a6485492548b6cef77afcec228
SHA512

32e563cfa52763121dd43939b695336e13fe6ed873bfd3f44cac878411e050ccfad1504cfab770fe8440cca08f790ee22381ed2d6f82f7f33f74f41f43aa85f1
SSDEEP

24576:GTc2L8h5EVNLcDzK8u3Y2V9ndCZJfVOV0tmB:scm8/EnY/C

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.213.128:80/4xnC

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASP)

Targets

- Target
  
  4b3a3d64ac35a3ef4c2f4d386a65651d2519a9a6485492548b6cef77afcec228
- Size
  
  1.3MB
- MD5
  
  6032eaf438a7546ebbad8d8e7b2a9e37
- SHA1
  
  90442f1b245f6ad02cf8b16489c0f556d0f198d5
- SHA256
  
  4b3a3d64ac35a3ef4c2f4d386a65651d2519a9a6485492548b6cef77afcec228
- SHA512
  
  32e563cfa52763121dd43939b695336e13fe6ed873bfd3f44cac878411e050ccfad1504cfab770fe8440cca08f790ee22381ed2d6f82f7f33f74f41f43aa85f1
- SSDEEP
  
  24576:GTc2L8h5EVNLcDzK8u3Y2V9ndCZJfVOV0tmB:scm8/EnY/C
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan