cobaltstrike | 97c1494328ac03d136b0b60394d9d3e414c6d4ef72ad5158c04ad52cbd4b51e8 | Triage

Sharing

General

Target

97c1494328ac03d136b0b60394d9d3e414c6d4ef72ad5158c04ad52cbd4b51e8
Size

209KB
Sample

240614-rl745axgnn
MD5

963eeeb745d67d07458296a5a03c1da8
SHA1

e53e9754cfdd58ac82a7d12dbac811d8068dbf93
SHA256

97c1494328ac03d136b0b60394d9d3e414c6d4ef72ad5158c04ad52cbd4b51e8
SHA512

4e4cb02932a8528e19ceda7687930754baa0b6eaa595d12e11879330ea6671b2593ff59c57bc5c301e4cbff4dec135330d634d87b7b96a6c885d7b29dc83d14e
SSDEEP

6144:F1ymd15b2sPRylgiLtKoS8lMSDBcJJJ655ZZoMSV:bymd15KeRyKiLP

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://127.0.0.1:30027/PzNE

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENUS)

Targets

- Target
  
  97c1494328ac03d136b0b60394d9d3e414c6d4ef72ad5158c04ad52cbd4b51e8
- Size
  
  209KB
- MD5
  
  963eeeb745d67d07458296a5a03c1da8
- SHA1
  
  e53e9754cfdd58ac82a7d12dbac811d8068dbf93
- SHA256
  
  97c1494328ac03d136b0b60394d9d3e414c6d4ef72ad5158c04ad52cbd4b51e8
- SHA512
  
  4e4cb02932a8528e19ceda7687930754baa0b6eaa595d12e11879330ea6671b2593ff59c57bc5c301e4cbff4dec135330d634d87b7b96a6c885d7b29dc83d14e
- SSDEEP
  
  6144:F1ymd15b2sPRylgiLtKoS8lMSDBcJJJ655ZZoMSV:bymd15KeRyKiLP
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan