cobaltstrike | 5790e6ace76217602e06dcd2119bc7af0bd96852608d2cd33bc9ce3a6ebf273d | Triage

Sharing

General

Target

5790e6ace76217602e06dcd2119bc7af0bd96852608d2cd33bc9ce3a6ebf273d
Size

19KB
Sample

240612-qwhrjszgqq
MD5

b1294230a639e09fbd9d63f579863280
SHA1

b3c72ff316d88a801766d14ada1b3f8077885f4a
SHA256

5790e6ace76217602e06dcd2119bc7af0bd96852608d2cd33bc9ce3a6ebf273d
SHA512

ccfe6194255e2aca8c37c202dc90ac77c2bd498f7ea210c08b059ff817cc495490667d37f4c226eaa7877ab7d5eb2fe4611ed3e456516f210b0e1edf28d1da89
SSDEEP

192:BV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2zAynWF8qa1Dojjgi:TqaCF31cix+Dc4zjCAyWFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://120.192.31.99:6666/eZh6

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; MASPJS)

Targets

- Target
  
  5790e6ace76217602e06dcd2119bc7af0bd96852608d2cd33bc9ce3a6ebf273d
- Size
  
  19KB
- MD5
  
  b1294230a639e09fbd9d63f579863280
- SHA1
  
  b3c72ff316d88a801766d14ada1b3f8077885f4a
- SHA256
  
  5790e6ace76217602e06dcd2119bc7af0bd96852608d2cd33bc9ce3a6ebf273d
- SHA512
  
  ccfe6194255e2aca8c37c202dc90ac77c2bd498f7ea210c08b059ff817cc495490667d37f4c226eaa7877ab7d5eb2fe4611ed3e456516f210b0e1edf28d1da89
- SSDEEP
  
  192:BV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2zAynWF8qa1Dojjgi:TqaCF31cix+Dc4zjCAyWFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan