cobaltstrike | f484b4fd48f46e9bc0441de3c37a7795cb13326567a9433c65184992638c683b | Triage

Sharing

General

Target

f484b4fd48f46e9bc0441de3c37a7795cb13326567a9433c65184992638c683b
Size

1.8MB
Sample

240809-wnwlbsxdmh
MD5

d002e9048d07dec98f87019af7532c1d
SHA1

ab929282e0fa6d7bf7d6e7edf5fdbb44fcef65ed
SHA256

f484b4fd48f46e9bc0441de3c37a7795cb13326567a9433c65184992638c683b
SHA512

ac75211558aacf5a2a6a4c42205c6bd8f3b8ffa8d450c27d3c19aba40f8fa7848896bbad20814ae9b6ca5ef7ddacbfbb812a029df5da26638c5b135f0ad62894
SSDEEP

49152:4UkoetIlEbmG+cwnVJ3BRwWfT7c68wys4XdA4zl:znVyow68ZXXdd

Score

10^/10

cobaltstrike backdoor discovery trojan

Malware Config

Targets

- Target
  
  f484b4fd48f46e9bc0441de3c37a7795cb13326567a9433c65184992638c683b
- Size
  
  1.8MB
- MD5
  
  d002e9048d07dec98f87019af7532c1d
- SHA1
  
  ab929282e0fa6d7bf7d6e7edf5fdbb44fcef65ed
- SHA256
  
  f484b4fd48f46e9bc0441de3c37a7795cb13326567a9433c65184992638c683b
- SHA512
  
  ac75211558aacf5a2a6a4c42205c6bd8f3b8ffa8d450c27d3c19aba40f8fa7848896bbad20814ae9b6ca5ef7ddacbfbb812a029df5da26638c5b135f0ad62894
- SSDEEP
  
  49152:4UkoetIlEbmG+cwnVJ3BRwWfT7c68wys4XdA4zl:znVyow68ZXXdd
Score

10^/10

cobaltstrike backdoor discovery trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cobaltstrikebackdoordiscoverytrojan

behavioral2

cobaltstrikebackdoordiscoverytrojan