cobaltstrike | 846ed999ad341be81b505fa19bea83508ccf025019049aabf63df719caa281d2 | Triage

Sharing

General

Target

846ed999ad341be81b505fa19bea83508ccf025019049aabf63df719caa281d2
Size

1.2MB
Sample

240521-mkgtbsac7w
MD5

771a20e342330c644860fe3382c21631
SHA1

5aea6dc83adaae0ddca520a33b215c50b9131a41
SHA256

846ed999ad341be81b505fa19bea83508ccf025019049aabf63df719caa281d2
SHA512

62d3feb4dc88ae92b9c8bca9b83f0bf74a074b1d8960ca9bf316c531a4510f0a5221d1ecc96683e5f5b84f0009714bd9f9d79a4a301218bd4061311939fe1484
SSDEEP

24576:vD5ydfVeBtvIACPUAYilGUNlkg/aj4/jJohXk7u350K1:vD8dfVADilGUHkg/qXIuJ0K1

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://20.70.8.27:8888/YEOp

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MANM; MANM)

Targets

- Target
  
  846ed999ad341be81b505fa19bea83508ccf025019049aabf63df719caa281d2
- Size
  
  1.2MB
- MD5
  
  771a20e342330c644860fe3382c21631
- SHA1
  
  5aea6dc83adaae0ddca520a33b215c50b9131a41
- SHA256
  
  846ed999ad341be81b505fa19bea83508ccf025019049aabf63df719caa281d2
- SHA512
  
  62d3feb4dc88ae92b9c8bca9b83f0bf74a074b1d8960ca9bf316c531a4510f0a5221d1ecc96683e5f5b84f0009714bd9f9d79a4a301218bd4061311939fe1484
- SSDEEP
  
  24576:vD5ydfVeBtvIACPUAYilGUNlkg/aj4/jJohXk7u350K1:vD8dfVADilGUHkg/qXIuJ0K1
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan