cobaltstrike | d0870446ef07af5dffc825f7b441a71409a948beb537005617ade471ad00f17b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5751cb791ac2f5ae400f789d361fc8f0_NeikiAnalytics.exe
Size

1.3MB
Sample

240529-1waq2sbd5s
MD5

5751cb791ac2f5ae400f789d361fc8f0
SHA1

57fa8ec992e267f65389679df9dbf246aab60330
SHA256

d0870446ef07af5dffc825f7b441a71409a948beb537005617ade471ad00f17b
SHA512

9cbfc3018e5bbf5323c9617159d1be0da741b99c05f6e341eefc604e46ceb6d761bab58947a33815d23a7831c8018e8915716228c2d144bdacc08e171ba10318
SSDEEP

12288:xC91aDapbi0xtnZ0jDCinG9sLd5oF/eYPn/TmHuJf0QXEmz4:8GOpbi0zZCeinGo5oFGe/KuJ9

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://service-hzdzk12c-1318485841.gz.apigw.tencentcs.com:443/make/disclosure/8FSMVPUB2ZA

Attributes

user_agent
Accept: text/html, image/*, application/xml Accept-Language: sk Accept-Encoding: identity, br User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36

Targets

- Target
  
  5751cb791ac2f5ae400f789d361fc8f0_NeikiAnalytics.exe
- Size
  
  1.3MB
- MD5
  
  5751cb791ac2f5ae400f789d361fc8f0
- SHA1
  
  57fa8ec992e267f65389679df9dbf246aab60330
- SHA256
  
  d0870446ef07af5dffc825f7b441a71409a948beb537005617ade471ad00f17b
- SHA512
  
  9cbfc3018e5bbf5323c9617159d1be0da741b99c05f6e341eefc604e46ceb6d761bab58947a33815d23a7831c8018e8915716228c2d144bdacc08e171ba10318
- SSDEEP
  
  12288:xC91aDapbi0xtnZ0jDCinG9sLd5oF/eYPn/TmHuJf0QXEmz4:8GOpbi0zZCeinGo5oFGe/KuJ9
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan