cobaltstrike | 0b2f54bdc5369120476bcbb1ea65d98030d2e7f96b5d04559026558b0ccdd038 | Triage

Sharing

General

Target

0b2f54bdc5369120476bcbb1ea65d98030d2e7f96b5d04559026558b0ccdd038
Size

19KB
Sample

240610-3lencswbkr
MD5

7cdec30000dfb3de45105f44f95bbe4a
SHA1

78e26b687ff8c6aa11c624879f2202c1c93cb489
SHA256

0b2f54bdc5369120476bcbb1ea65d98030d2e7f96b5d04559026558b0ccdd038
SHA512

26bd7d63582aa20e71a1ec7c8359bf17a83435f339f83fc19e6d97b43e21c8c20e64aec7866a208e5a5fa8b886c008200450ad9a8ac773549ead4543c1f307a5
SSDEEP

192:uV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2TMoK4WF8qa1Dojjgi:4qaCF31cix+Dc4zjUMpFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.17.4.174:80/2Xen

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS125526)

Targets

- Target
  
  0b2f54bdc5369120476bcbb1ea65d98030d2e7f96b5d04559026558b0ccdd038
- Size
  
  19KB
- MD5
  
  7cdec30000dfb3de45105f44f95bbe4a
- SHA1
  
  78e26b687ff8c6aa11c624879f2202c1c93cb489
- SHA256
  
  0b2f54bdc5369120476bcbb1ea65d98030d2e7f96b5d04559026558b0ccdd038
- SHA512
  
  26bd7d63582aa20e71a1ec7c8359bf17a83435f339f83fc19e6d97b43e21c8c20e64aec7866a208e5a5fa8b886c008200450ad9a8ac773549ead4543c1f307a5
- SSDEEP
  
  192:uV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2TMoK4WF8qa1Dojjgi:4qaCF31cix+Dc4zjUMpFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan