cobaltstrike | e5aea542ee91767b72924b3379cf0af3da6a8168686eab1621350b96bfadb0de | Triage

Sharing

General

Target

e5aea542ee91767b72924b3379cf0af3da6a8168686eab1621350b96bfadb0de.exe
Size

18KB
Sample

240525-cjzmmsah5z
MD5

5b414e7955f648917cbafec6fb738482
SHA1

cbb8a3208e5fb83610ac75b671cd629c6e3481fc
SHA256

e5aea542ee91767b72924b3379cf0af3da6a8168686eab1621350b96bfadb0de
SHA512

ff9d6dc05fdecb54b661a2c70853c9e8faee9009394803cbfbf642fb971e2c1c5356b864ffe75ec570cd95147207106248f493fc7d6c163d90b6ef5b69e428ed
SSDEEP

192:10X9M+VvDVyaLjIy/hZFLKHGGfet4YX2IpqqDF7FR1DMjjhh:8HVJyawy/h7KWXRvDZh+hh

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://43.138.234.160:8088/center/user_sid

Attributes

user_agent
Accept: */* Accept-Language: en-US,en;q=0.5 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4472.114 Safari/537.36

Targets

- Target
  
  e5aea542ee91767b72924b3379cf0af3da6a8168686eab1621350b96bfadb0de.exe
- Size
  
  18KB
- MD5
  
  5b414e7955f648917cbafec6fb738482
- SHA1
  
  cbb8a3208e5fb83610ac75b671cd629c6e3481fc
- SHA256
  
  e5aea542ee91767b72924b3379cf0af3da6a8168686eab1621350b96bfadb0de
- SHA512
  
  ff9d6dc05fdecb54b661a2c70853c9e8faee9009394803cbfbf642fb971e2c1c5356b864ffe75ec570cd95147207106248f493fc7d6c163d90b6ef5b69e428ed
- SSDEEP
  
  192:10X9M+VvDVyaLjIy/hZFLKHGGfet4YX2IpqqDF7FR1DMjjhh:8HVJyawy/h7KWXRvDZh+hh
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan