cobaltstrike | eab55047f37c9a77ef850b668a3e39241757b9f9f5f5a37e8e684d1a0edd717a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7de77680e176b7beac3ba09dc08b2410N.exe
Size

17KB
Sample

240721-hbs3saxemp
MD5

7de77680e176b7beac3ba09dc08b2410
SHA1

12c63c50a7529537ba4644d8a1ad9183b8b53971
SHA256

eab55047f37c9a77ef850b668a3e39241757b9f9f5f5a37e8e684d1a0edd717a
SHA512

bed590c84a9fe244c084606ccd50ce063f6059d1d3126fd449b55e917f06956a1b8a534bdd764e5d6026a6a3f9b589e7fd30fb02980d9da2817181314eb60672
SSDEEP

192:aWA0TJAPyjLHY219R8C6wtQbYu2KmbxQ2C04kvWgepEt2EGmVHgI7j6EUbOD6kxB:DA0TJASPp6p/D43FvWgepa736IAY

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://39.96.33.178:1111/Xk2h

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0

Targets

- Target
  
  7de77680e176b7beac3ba09dc08b2410N.exe
- Size
  
  17KB
- MD5
  
  7de77680e176b7beac3ba09dc08b2410
- SHA1
  
  12c63c50a7529537ba4644d8a1ad9183b8b53971
- SHA256
  
  eab55047f37c9a77ef850b668a3e39241757b9f9f5f5a37e8e684d1a0edd717a
- SHA512
  
  bed590c84a9fe244c084606ccd50ce063f6059d1d3126fd449b55e917f06956a1b8a534bdd764e5d6026a6a3f9b589e7fd30fb02980d9da2817181314eb60672
- SSDEEP
  
  192:aWA0TJAPyjLHY219R8C6wtQbYu2KmbxQ2C04kvWgepEt2EGmVHgI7j6EUbOD6kxB:DA0TJASPp6p/D43FvWgepa736IAY
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan