cobaltstrike | caef870a200ba4982a21e3ae2c52284cd2fb8b5367a5ff7268f40e21d6d2cade | Triage

Sharing

General

Target

TS-240531-UF5.exe
Size

41KB
Sample

240531-emcy6afe54
MD5

d24dcca23dff95a4809d6247c4c4ca20
SHA1

7d7b01dc1c5640b9a1f4ddb51a7eab16c4ab26b8
SHA256

caef870a200ba4982a21e3ae2c52284cd2fb8b5367a5ff7268f40e21d6d2cade
SHA512

4a0c88b5c65c754f7e6e2dac79aee176e8efccec6b900d2fc0587e5689d9b2972be4da73d056da4f56fbb89d561b4c955e5a29099b4eb3ef35758f261ee17154
SSDEEP

768:qZk2J35U2UTDt1dttrHJxg8QrI0XTjcVTGHKUpmwTP:sk2B5lUHt/rpxCrRjj2vU

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.120.35.167:7777/NJRs

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MAAU; NP08)

Targets

- Target
  
  TS-240531-UF5.exe
- Size
  
  41KB
- MD5
  
  d24dcca23dff95a4809d6247c4c4ca20
- SHA1
  
  7d7b01dc1c5640b9a1f4ddb51a7eab16c4ab26b8
- SHA256
  
  caef870a200ba4982a21e3ae2c52284cd2fb8b5367a5ff7268f40e21d6d2cade
- SHA512
  
  4a0c88b5c65c754f7e6e2dac79aee176e8efccec6b900d2fc0587e5689d9b2972be4da73d056da4f56fbb89d561b4c955e5a29099b4eb3ef35758f261ee17154
- SSDEEP
  
  768:qZk2J35U2UTDt1dttrHJxg8QrI0XTjcVTGHKUpmwTP:sk2B5lUHt/rpxCrRjj2vU
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan