cobaltstrike | 28623803a75222a3e91d266c89f5cdec1e8639f88d1886e07ca78b3bdaab2d65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28623803a75222a3e91d266c89f5cdec1e8639f88d1886e07ca78b3bdaab2d65
Size

19KB
Sample

240719-246dcsvdnq
MD5

02c6c016b07552ce6d6ddedb7494b2cf
SHA1

3d77a345772306c6a0f8a01e5ebb463b4267809b
SHA256

28623803a75222a3e91d266c89f5cdec1e8639f88d1886e07ca78b3bdaab2d65
SHA512

736d27664430855426ccb4b49fc805ca8996b9a970370e3df3ab97a84772b732c2ff629a11d9f116446c326e5a8ce7c4586152d8763be17d7919aedef37710ac
SSDEEP

192:DV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2aCxbWF8qa1Dojjgi:tqaCF31cix+Dc4zj/4iFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://gcore.com:443/znC2

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; InfoPath.3) Host: www.wx.com

Targets

- Target
  
  28623803a75222a3e91d266c89f5cdec1e8639f88d1886e07ca78b3bdaab2d65
- Size
  
  19KB
- MD5
  
  02c6c016b07552ce6d6ddedb7494b2cf
- SHA1
  
  3d77a345772306c6a0f8a01e5ebb463b4267809b
- SHA256
  
  28623803a75222a3e91d266c89f5cdec1e8639f88d1886e07ca78b3bdaab2d65
- SHA512
  
  736d27664430855426ccb4b49fc805ca8996b9a970370e3df3ab97a84772b732c2ff629a11d9f116446c326e5a8ce7c4586152d8763be17d7919aedef37710ac
- SSDEEP
  
  192:DV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2aCxbWF8qa1Dojjgi:tqaCF31cix+Dc4zj/4iFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan