cobaltstrike | 8591414faeeaf0c711df8c5bc16b63dbe5012424582de92ffc8183630ff877e6 | Triage

Sharing

General

Target

df6eff95999e5095f1a6a243a57ca600_NeikiAnalytics.exe
Size

19KB
Sample

240616-hy5p4ayamq
MD5

df6eff95999e5095f1a6a243a57ca600
SHA1

3904f817c5ddb9d13efde0e711204d659b9d9151
SHA256

8591414faeeaf0c711df8c5bc16b63dbe5012424582de92ffc8183630ff877e6
SHA512

ad01a17c1c201294361cef2418944209f9b668b9d34af21f566aaf1199e988505417384e25c4ab189c54e63ab42e8037a196467bcaceb1913da0ba4bf51019f3
SSDEEP

192:OV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/22VWF8qa1Dojjgi:YqaCF31cix+Dc4zjUFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://miku.kirtoly.cc:443/Zc4l

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Java/1.5.0_08 Host: miku.kirtoly.cc

Targets

- Target
  
  df6eff95999e5095f1a6a243a57ca600_NeikiAnalytics.exe
- Size
  
  19KB
- MD5
  
  df6eff95999e5095f1a6a243a57ca600
- SHA1
  
  3904f817c5ddb9d13efde0e711204d659b9d9151
- SHA256
  
  8591414faeeaf0c711df8c5bc16b63dbe5012424582de92ffc8183630ff877e6
- SHA512
  
  ad01a17c1c201294361cef2418944209f9b668b9d34af21f566aaf1199e988505417384e25c4ab189c54e63ab42e8037a196467bcaceb1913da0ba4bf51019f3
- SSDEEP
  
  192:OV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/22VWF8qa1Dojjgi:YqaCF31cix+Dc4zjUFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan