cobaltstrike | 34bee440c8879ff24629a7852aaf146884fb7ef243819ef5784ff4c8a20479f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34bee440c8879ff24629a7852aaf146884fb7ef243819ef5784ff4c8a20479f0.exe
Size

46KB
Sample

240725-x42myszbmj
MD5

94d806a96f201b4ee9f1d14e350e205e
SHA1

a9e5c99ee03d1e8d5aa6e80b5387b20c25bc874d
SHA256

34bee440c8879ff24629a7852aaf146884fb7ef243819ef5784ff4c8a20479f0
SHA512

c71e15f522ca868463497c2e8bdfc4eaf13cdf12b66f9ef7d461b0bbce7d0c0850490e2a3231a9060c8f6975153b25482aef0e3aab5d9fec88aa6628613bc1b0
SSDEEP

768:p+Pi8WxoIoKkvgSiCbfK/BwhXC6Gc5k0iAd8NL2As8rV6tLAYzqIIYY1efqnv5dU:p+K5xoIoKkxZbfKcC6Gc5k0iAdasMYt3

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.211:4433/fIdJ

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; MANM)

Targets

- Target
  
  34bee440c8879ff24629a7852aaf146884fb7ef243819ef5784ff4c8a20479f0.exe
- Size
  
  46KB
- MD5
  
  94d806a96f201b4ee9f1d14e350e205e
- SHA1
  
  a9e5c99ee03d1e8d5aa6e80b5387b20c25bc874d
- SHA256
  
  34bee440c8879ff24629a7852aaf146884fb7ef243819ef5784ff4c8a20479f0
- SHA512
  
  c71e15f522ca868463497c2e8bdfc4eaf13cdf12b66f9ef7d461b0bbce7d0c0850490e2a3231a9060c8f6975153b25482aef0e3aab5d9fec88aa6628613bc1b0
- SSDEEP
  
  768:p+Pi8WxoIoKkvgSiCbfK/BwhXC6Gc5k0iAd8NL2As8rV6tLAYzqIIYY1efqnv5dU:p+K5xoIoKkxZbfKcC6Gc5k0iAdasMYt3
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan