cobaltstrike | a0d58a84d94f1390102bbe62299ef4690830528f39bcd342afec16d39904f2b2 | Triage

Sharing

General

Target

ccef617503eb34dcf435358595f84270_NeikiAnalytics.exe
Size

17KB
Sample

240616-csc51azapm
MD5

ccef617503eb34dcf435358595f84270
SHA1

a5dc3584b97cc94b185ed05cac898836082f19b5
SHA256

a0d58a84d94f1390102bbe62299ef4690830528f39bcd342afec16d39904f2b2
SHA512

180bc1c66421a0b2a9bc91dce0b1695c6c90c24672d1ea6a54c079a66c165b4dac5ada119d056e9e37699d72ae64b077c4ee33647a8cc760b2a01f5322d83706
SSDEEP

192:6DMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4yGMKXBUbOj6kxiY:6DMAoKz6WtKEj7aBDirYXbAY

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://111.229.34.147:1111/ElBj

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MALC)

Targets

- Target
  
  ccef617503eb34dcf435358595f84270_NeikiAnalytics.exe
- Size
  
  17KB
- MD5
  
  ccef617503eb34dcf435358595f84270
- SHA1
  
  a5dc3584b97cc94b185ed05cac898836082f19b5
- SHA256
  
  a0d58a84d94f1390102bbe62299ef4690830528f39bcd342afec16d39904f2b2
- SHA512
  
  180bc1c66421a0b2a9bc91dce0b1695c6c90c24672d1ea6a54c079a66c165b4dac5ada119d056e9e37699d72ae64b077c4ee33647a8cc760b2a01f5322d83706
- SSDEEP
  
  192:6DMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4yGMKXBUbOj6kxiY:6DMAoKz6WtKEj7aBDirYXbAY
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan