cobaltstrike | 16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3 | Triage

Sharing

General

Target

16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3
Size

19KB
Sample

240522-md3gfsbg6v
MD5

5a0b6dfdcaeafbc2c41857aa0d6de114
SHA1

33865eab4c22265e0d130b2045f979e131528dd8
SHA256

16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3
SHA512

834009f6a487822ad6e07bdde2fe983cf8180c7c7a17e4cf364443c99a57fece165a9d42531b4cb75a73271a72778e8a0aab5605667b579f4b854a23684b991e
SSDEEP

192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2pPQlJR4kWF8qa1Dojjgi:IqaCF31cix+Dc4zj4sHiFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.233.129:8001/f9Tj

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0)

Targets

- Target
  
  16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3
- Size
  
  19KB
- MD5
  
  5a0b6dfdcaeafbc2c41857aa0d6de114
- SHA1
  
  33865eab4c22265e0d130b2045f979e131528dd8
- SHA256
  
  16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3
- SHA512
  
  834009f6a487822ad6e07bdde2fe983cf8180c7c7a17e4cf364443c99a57fece165a9d42531b4cb75a73271a72778e8a0aab5605667b579f4b854a23684b991e
- SSDEEP
  
  192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2pPQlJR4kWF8qa1Dojjgi:IqaCF31cix+Dc4zj4sHiFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan