cobaltstrike | 5a4b55de9564e7f2319503344b69641e5fe6945268ecfddc5467c06c7b80497a | Triage

Sharing

General

Target

5a4b55de9564e7f2319503344b69641e5fe6945268ecfddc5467c06c7b80497a
Size

19KB
Sample

240614-rkca3axfpr
MD5

81110cfc818692beb6b63945376c746e
SHA1

4b5bb488d8168ea9ab7adc18a91232bbeb162b78
SHA256

5a4b55de9564e7f2319503344b69641e5fe6945268ecfddc5467c06c7b80497a
SHA512

0176e3a7a47fa5b650728449f845b1ebbabec619d278c280db90dd0a405e65907bb6278fc5798433eb1dec8df2d1ae476140af5bce8de202e65ad938cc12c20e
SSDEEP

192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PCPaxWF8qa1Dojjgi:IqaCF31cix+Dc4zj5XFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://service-annqwar1-1314179575.sh.tencentapigw.com:443/bootstrap-2.min.js

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  5a4b55de9564e7f2319503344b69641e5fe6945268ecfddc5467c06c7b80497a
- Size
  
  19KB
- MD5
  
  81110cfc818692beb6b63945376c746e
- SHA1
  
  4b5bb488d8168ea9ab7adc18a91232bbeb162b78
- SHA256
  
  5a4b55de9564e7f2319503344b69641e5fe6945268ecfddc5467c06c7b80497a
- SHA512
  
  0176e3a7a47fa5b650728449f845b1ebbabec619d278c280db90dd0a405e65907bb6278fc5798433eb1dec8df2d1ae476140af5bce8de202e65ad938cc12c20e
- SSDEEP
  
  192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PCPaxWF8qa1Dojjgi:IqaCF31cix+Dc4zj5XFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan