cobaltstrike | 8e5c5a9a489831828a062dae4fe039f9a27671b877b4d1cec373b369b89fe77a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e5c5a9a489831828a062dae4fe039f9a27671b877b4d1cec373b369b89fe77a
Size

19KB
Sample

240601-t2brzagf8w
MD5

ae0b4e53ca8031f96205e4dffa4703bd
SHA1

3ca1346998cbf6042899fb24503ec76be2fd8c8e
SHA256

8e5c5a9a489831828a062dae4fe039f9a27671b877b4d1cec373b369b89fe77a
SHA512

5f3a5b50d1367ceff9fbbec6c34f160e01e231a72c74481efef9f763845d63d517eea9f999d741c381848c88b727d275fa032bb365909835149829fb39e502a5
SSDEEP

192:KV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/27ptnaO7WF8qa1Dojjgi:kqaCF31cix+Dc4zjMXCFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.153.129:80/NUyA

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MATBJS)

Targets

- Target
  
  8e5c5a9a489831828a062dae4fe039f9a27671b877b4d1cec373b369b89fe77a
- Size
  
  19KB
- MD5
  
  ae0b4e53ca8031f96205e4dffa4703bd
- SHA1
  
  3ca1346998cbf6042899fb24503ec76be2fd8c8e
- SHA256
  
  8e5c5a9a489831828a062dae4fe039f9a27671b877b4d1cec373b369b89fe77a
- SHA512
  
  5f3a5b50d1367ceff9fbbec6c34f160e01e231a72c74481efef9f763845d63d517eea9f999d741c381848c88b727d275fa032bb365909835149829fb39e502a5
- SSDEEP
  
  192:KV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/27ptnaO7WF8qa1Dojjgi:kqaCF31cix+Dc4zjMXCFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan