cobaltstrike | a4ce8d5172723881f8e56d26fceae50bd4571ae987306b2ba1de6166de3430e7 | Triage

Sharing

General

Target

a4ce8d5172723881f8e56d26fceae50bd4571ae987306b2ba1de6166de3430e7.exe
Size

1.3MB
Sample

240520-edpatsac89
MD5

c8ff50b04714eb82e2f39e0dd0aeb10e
SHA1

53eb99b04ce51ea80dac7572072d52635fbffb78
SHA256

a4ce8d5172723881f8e56d26fceae50bd4571ae987306b2ba1de6166de3430e7
SHA512

e8efd1035cd9ff2d99ff594b3e1aebc569c2980bc393a921774fa65c314e3b4703ec1828b13082bdf3f0b5b8b958ef2007bced7e0e2614d2b3c28d11bf57f17e
SSDEEP

24576:6AkUe6X2dx1DYK8u3Y2VlndCZJfVOV0tmZ:Lktq2pkC

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.213.128:443/nn6K

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; InfoPath.2)

Targets

- Target
  
  a4ce8d5172723881f8e56d26fceae50bd4571ae987306b2ba1de6166de3430e7.exe
- Size
  
  1.3MB
- MD5
  
  c8ff50b04714eb82e2f39e0dd0aeb10e
- SHA1
  
  53eb99b04ce51ea80dac7572072d52635fbffb78
- SHA256
  
  a4ce8d5172723881f8e56d26fceae50bd4571ae987306b2ba1de6166de3430e7
- SHA512
  
  e8efd1035cd9ff2d99ff594b3e1aebc569c2980bc393a921774fa65c314e3b4703ec1828b13082bdf3f0b5b8b958ef2007bced7e0e2614d2b3c28d11bf57f17e
- SSDEEP
  
  24576:6AkUe6X2dx1DYK8u3Y2VlndCZJfVOV0tmZ:Lktq2pkC
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan