cobaltstrike | ac9c1128d5049346c90adf96c1f8f403a69743ee4e198867d54168e838300566 | Triage

Sharing

General

Target

ac9c1128d5049346c90adf96c1f8f403a69743ee4e198867d54168e838300566
Size

19KB
Sample

240614-rly68atglc
MD5

acae7bc65f0e1d49a34cc8db0fe07b95
SHA1

d9ccc96bbbb5940089002abaa2c1feda7d255ebb
SHA256

ac9c1128d5049346c90adf96c1f8f403a69743ee4e198867d54168e838300566
SHA512

f8b108159a659af717551475280fb91357a5d6ae1e9d464976f177236a0ba970be79c260e64aa1ceb20d232317c5ed5f66bf120ad34c70853fcaa6531603d078
SSDEEP

192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Xt0VrtWF8qa1Dojjgi:IqaCF31cix+Dc4zjRrAFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://120.46.182.53:12345/TkSK

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)

Targets

- Target
  
  ac9c1128d5049346c90adf96c1f8f403a69743ee4e198867d54168e838300566
- Size
  
  19KB
- MD5
  
  acae7bc65f0e1d49a34cc8db0fe07b95
- SHA1
  
  d9ccc96bbbb5940089002abaa2c1feda7d255ebb
- SHA256
  
  ac9c1128d5049346c90adf96c1f8f403a69743ee4e198867d54168e838300566
- SHA512
  
  f8b108159a659af717551475280fb91357a5d6ae1e9d464976f177236a0ba970be79c260e64aa1ceb20d232317c5ed5f66bf120ad34c70853fcaa6531603d078
- SSDEEP
  
  192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Xt0VrtWF8qa1Dojjgi:IqaCF31cix+Dc4zjRrAFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan