cobaltstrike | b047a1aa427684f2b488fbe4cb705adc022167f48af2eb044a92978fb8c0db3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b047a1aa427684f2b488fbe4cb705adc022167f48af2eb044a92978fb8c0db3e.exe
Size

19KB
Sample

240530-bvtebshe6z
MD5

056d0dd31675b0337c115c7c1862a093
SHA1

1dbe0b336bd1124132ca9b140e1503a4a7f38221
SHA256

b047a1aa427684f2b488fbe4cb705adc022167f48af2eb044a92978fb8c0db3e
SHA512

32bc3989191122ba55fda3c4f4aa6904e3c5b02c1cdf1ba10e6d9fad8018c88759f92e04a792dcfa9857dafcb3c16ba2a97070d7c36087f0bf1efdf14c933877
SSDEEP

192:2V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2rYoToYsgKVICWF8qa1Dojjgi:QqaCF31cix+Dc4zjERoYsgeI7FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://120.46.36.83:32569/9qoD

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)

Targets

- Target
  
  b047a1aa427684f2b488fbe4cb705adc022167f48af2eb044a92978fb8c0db3e.exe
- Size
  
  19KB
- MD5
  
  056d0dd31675b0337c115c7c1862a093
- SHA1
  
  1dbe0b336bd1124132ca9b140e1503a4a7f38221
- SHA256
  
  b047a1aa427684f2b488fbe4cb705adc022167f48af2eb044a92978fb8c0db3e
- SHA512
  
  32bc3989191122ba55fda3c4f4aa6904e3c5b02c1cdf1ba10e6d9fad8018c88759f92e04a792dcfa9857dafcb3c16ba2a97070d7c36087f0bf1efdf14c933877
- SSDEEP
  
  192:2V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2rYoToYsgKVICWF8qa1Dojjgi:QqaCF31cix+Dc4zjERoYsgeI7FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan