cobaltstrike | 9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d | Triage

Sharing

General

Target

9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d
Size

1.5MB
Sample

240524-mtz19seb5y
MD5

be243e877cbe4cad002316262a408ea8
SHA1

8c27f16ea9cca3e5240b2c50d0fe3dc1b55fca58
SHA256

9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d
SHA512

549f672eb1483041c177624f127eec674e60a923bf4e03d9d75f9dabc3304f10e75f2eee235f1dcd0bcac315e5cd67fbaee432d1bfbf036fffe3693c2e888854
SSDEEP

24576:AkSmnxZEtczeHdyfWbgYJBWwgjLb1dYs:AkFxZWczeH5gYJ3gjLb1dY

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://107.174.253.49:6569/tAPX

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch)

Targets

- Target
  
  9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d
- Size
  
  1.5MB
- MD5
  
  be243e877cbe4cad002316262a408ea8
- SHA1
  
  8c27f16ea9cca3e5240b2c50d0fe3dc1b55fca58
- SHA256
  
  9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d
- SHA512
  
  549f672eb1483041c177624f127eec674e60a923bf4e03d9d75f9dabc3304f10e75f2eee235f1dcd0bcac315e5cd67fbaee432d1bfbf036fffe3693c2e888854
- SSDEEP
  
  24576:AkSmnxZEtczeHdyfWbgYJBWwgjLb1dYs:AkFxZWczeH5gYJ3gjLb1dY
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan