cobaltstrike | dc23bad026a80924b388f63dfed0b6f154e20e53edaf13f9fa4823a5e0d4cae2 | Triage

Sharing

General

Target

dc23bad026a80924b388f63dfed0b6f154e20e53edaf13f9fa4823a5e0d4cae2
Size

19KB
Sample

240612-jhjclavcnn
MD5

68cebb6aa156ab67de24a828cb154f85
SHA1

061237948b1f80e8daaad04825a5f5eba02aae14
SHA256

dc23bad026a80924b388f63dfed0b6f154e20e53edaf13f9fa4823a5e0d4cae2
SHA512

40de212e5196c9d5b01b67feab846afe37fc93a61f0742ea520e78160291f58c36a50ee31d41aca5836d48d8763ee5b4420ce220052f31f2d1a264a0ac208e98
SSDEEP

192:zV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2BIEDWF8qa1Dojjgi:dqaCF31cix+Dc4zjXE6FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://121.196.246.126:20000/y4VZ

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0)

Targets

- Target
  
  dc23bad026a80924b388f63dfed0b6f154e20e53edaf13f9fa4823a5e0d4cae2
- Size
  
  19KB
- MD5
  
  68cebb6aa156ab67de24a828cb154f85
- SHA1
  
  061237948b1f80e8daaad04825a5f5eba02aae14
- SHA256
  
  dc23bad026a80924b388f63dfed0b6f154e20e53edaf13f9fa4823a5e0d4cae2
- SHA512
  
  40de212e5196c9d5b01b67feab846afe37fc93a61f0742ea520e78160291f58c36a50ee31d41aca5836d48d8763ee5b4420ce220052f31f2d1a264a0ac208e98
- SSDEEP
  
  192:zV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2BIEDWF8qa1Dojjgi:dqaCF31cix+Dc4zjXE6FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan