cobaltstrike | b87a1e6329c3cc7da3688493e291bc6e3b58a5f3185dbcb14af73f1c77aab981 | Triage

Sharing

General

Target

b87a1e6329c3cc7da3688493e291bc6e3b58a5f3185dbcb14af73f1c77aab981
Size

19KB
Sample

240524-t5y2nscf34
MD5

244dd20c5329fafc147a19536b8ae0d9
SHA1

f624a72cebc86b8a0a18f0bfe48b03da9da750eb
SHA256

b87a1e6329c3cc7da3688493e291bc6e3b58a5f3185dbcb14af73f1c77aab981
SHA512

9c06d32c75bba25e5a1d08225b379b9ab619d434a80977d30184f9e1fb525ed0f306fe823324910fe4ffb6666ca1e5941658277c8bd6d206751b3390aa634ba9
SSDEEP

192:CV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2wxoeQWF8qa1Dojjgi:MqaCF31cix+Dc4zjB1FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.85.147:80/q2tF

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASP)

Targets

- Target
  
  b87a1e6329c3cc7da3688493e291bc6e3b58a5f3185dbcb14af73f1c77aab981
- Size
  
  19KB
- MD5
  
  244dd20c5329fafc147a19536b8ae0d9
- SHA1
  
  f624a72cebc86b8a0a18f0bfe48b03da9da750eb
- SHA256
  
  b87a1e6329c3cc7da3688493e291bc6e3b58a5f3185dbcb14af73f1c77aab981
- SHA512
  
  9c06d32c75bba25e5a1d08225b379b9ab619d434a80977d30184f9e1fb525ed0f306fe823324910fe4ffb6666ca1e5941658277c8bd6d206751b3390aa634ba9
- SSDEEP
  
  192:CV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2wxoeQWF8qa1Dojjgi:MqaCF31cix+Dc4zjB1FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan