cobaltstrike | 88c8db0a05c4329187c1d887869ae8786bc912d5b6f9624093ae7b818f42c5d3 | Triage

Sharing

General

Target

a.exe
Size

19KB
Sample

240614-yeb7faxbjm
MD5

a3eb49b7dce841199a2882b7d1c27a57
SHA1

fb8778138b1a4186ad26d5c3a192bb07d09d4224
SHA256

88c8db0a05c4329187c1d887869ae8786bc912d5b6f9624093ae7b818f42c5d3
SHA512

88e9c9e6306f5278ea18c62b3e3ae15bf1e1ece6c115ef368e0e8cffd99629a2144492811777ea5b696e4830869b0735bf8f0cdd24a4912887ba3c7e01da4c32
SSDEEP

192:GV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2BOYMWF8qa1Dojjgi:gqaCF31cix+Dc4zjCFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://161.35.168.216:4444/DVXk

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; BOIE8;ENUS)

Targets

- Target
  
  a.exe
- Size
  
  19KB
- MD5
  
  a3eb49b7dce841199a2882b7d1c27a57
- SHA1
  
  fb8778138b1a4186ad26d5c3a192bb07d09d4224
- SHA256
  
  88c8db0a05c4329187c1d887869ae8786bc912d5b6f9624093ae7b818f42c5d3
- SHA512
  
  88e9c9e6306f5278ea18c62b3e3ae15bf1e1ece6c115ef368e0e8cffd99629a2144492811777ea5b696e4830869b0735bf8f0cdd24a4912887ba3c7e01da4c32
- SSDEEP
  
  192:GV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2BOYMWF8qa1Dojjgi:gqaCF31cix+Dc4zjCFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan