cobaltstrike | 352b1c4d57332a7f0e3065a46e0f346942eaff446226ef401a8009afc7bf0985 | Triage

Sharing

General

Target

352b1c4d57332a7f0e3065a46e0f346942eaff446226ef401a8009afc7bf0985
Size

1.4MB
Sample

240614-x2kxeswgpl
MD5

b23d02488f2b39a6bc8d1025b17064ea
SHA1

8afd1cd2958d74c13e59d7e308df8809e59c0e83
SHA256

352b1c4d57332a7f0e3065a46e0f346942eaff446226ef401a8009afc7bf0985
SHA512

21a59d7f8b037dcbd859bd244800dc47117ab28d075f20d5d97e604f1acc2b6c0603a730c1c773c91bcfcba601023224c2e18b09735b680b964075faeed1912f
SSDEEP

24576:g8kWcsJu+jTXqkkNlca+RaGCo4NL2Ko9sx:nRcsEelzMf

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.16.136:808/AaLo

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)

Targets

- Target
  
  352b1c4d57332a7f0e3065a46e0f346942eaff446226ef401a8009afc7bf0985
- Size
  
  1.4MB
- MD5
  
  b23d02488f2b39a6bc8d1025b17064ea
- SHA1
  
  8afd1cd2958d74c13e59d7e308df8809e59c0e83
- SHA256
  
  352b1c4d57332a7f0e3065a46e0f346942eaff446226ef401a8009afc7bf0985
- SHA512
  
  21a59d7f8b037dcbd859bd244800dc47117ab28d075f20d5d97e604f1acc2b6c0603a730c1c773c91bcfcba601023224c2e18b09735b680b964075faeed1912f
- SSDEEP
  
  24576:g8kWcsJu+jTXqkkNlca+RaGCo4NL2Ko9sx:nRcsEelzMf
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan