cobaltstrike | ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a
Size

124KB
Sample

240812-mpaktaxdln
MD5

e5d5bc6895f8cfe9f7dbef3ee887db24
SHA1

e6578ce3eb8d90c0fe8fed7ab2bc53ccb71b6e33
SHA256

ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a
SHA512

c8c26746fd8b1150ae264a9476f2cafcfb4be58e0837805d3415a54c6aedb759339929b4c1a50dc1ec75865eead0d47aab927e6ed55cb59d3c2a5b8bb8509d90
SSDEEP

3072:kYMUKyusCB66w9qLPrNVp+FllLXkfCwCHzvBIYIKOAIWUU:BsB9w9qjr4zHTBOjU

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://118.178.229.180:8081/i2qQ

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MAGWJS)

Targets

- Target
  
  ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a
- Size
  
  124KB
- MD5
  
  e5d5bc6895f8cfe9f7dbef3ee887db24
- SHA1
  
  e6578ce3eb8d90c0fe8fed7ab2bc53ccb71b6e33
- SHA256
  
  ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a
- SHA512
  
  c8c26746fd8b1150ae264a9476f2cafcfb4be58e0837805d3415a54c6aedb759339929b4c1a50dc1ec75865eead0d47aab927e6ed55cb59d3c2a5b8bb8509d90
- SSDEEP
  
  3072:kYMUKyusCB66w9qLPrNVp+FllLXkfCwCHzvBIYIKOAIWUU:BsB9w9qjr4zHTBOjU
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan