cobaltstrike | b80f86575a080f4473efcfd049d0ffdb47d26349951444a89c956ab84e3de352 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b80f86575a080f4473efcfd049d0ffdb47d26349951444a89c956ab84e3de352
Size

19KB
Sample

240603-nnk6lach7x
MD5

d067ae9bded6a2875aac2566fc4f41a6
SHA1

2fb92c6a7d607bbf6c37aa637173b4f0d78c1632
SHA256

b80f86575a080f4473efcfd049d0ffdb47d26349951444a89c956ab84e3de352
SHA512

6fcd0a6513215877cdad560b0292e8185ab699f65bdff5e5c20665a6f5db74117004b3c94bf5edca82b07254f8e44094dd8de9d077c13e6d1d739a2309df8c05
SSDEEP

192:gV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2jw2zWWF8qa1Dojjgi:CqaCF31cix+Dc4zj0wiFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.59.12:6066/p9Br

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)

Targets

- Target
  
  b80f86575a080f4473efcfd049d0ffdb47d26349951444a89c956ab84e3de352
- Size
  
  19KB
- MD5
  
  d067ae9bded6a2875aac2566fc4f41a6
- SHA1
  
  2fb92c6a7d607bbf6c37aa637173b4f0d78c1632
- SHA256
  
  b80f86575a080f4473efcfd049d0ffdb47d26349951444a89c956ab84e3de352
- SHA512
  
  6fcd0a6513215877cdad560b0292e8185ab699f65bdff5e5c20665a6f5db74117004b3c94bf5edca82b07254f8e44094dd8de9d077c13e6d1d739a2309df8c05
- SSDEEP
  
  192:gV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2jw2zWWF8qa1Dojjgi:CqaCF31cix+Dc4zj0wiFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan