cobaltstrike | 0ffce3f574c3b14c7142db318925cbef540d7ef11d1037bbbbbf040b00a42165 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ffce3f574c3b14c7142db318925cbef540d7ef11d1037bbbbbf040b00a42165
Size

63KB
Sample

240814-qjz53atgph
MD5

c79a2b0d7b91ceb8d4f57d6b48fbb641
SHA1

0665ec276e0b830a548a686358958c5ae7280059
SHA256

0ffce3f574c3b14c7142db318925cbef540d7ef11d1037bbbbbf040b00a42165
SHA512

575eb0a5581d874ae1da3efa5c4016d64d68fb9faa01187ffad3c8e33bd6b0a896dc7368734cf601f8f9e9c029836e7a8ef803ee9741c8e137d83bd0c49448af
SSDEEP

768:60qffXMlq8FMtr6tIte6ir1OZS+d1ykeYnXlaPoqQd2ft7VT:ZgLiMtir16S+d1ykxWoqQd2fHT

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.109.178.11:4444/HekE

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; ASU2JS)

Targets

- Target
  
  0ffce3f574c3b14c7142db318925cbef540d7ef11d1037bbbbbf040b00a42165
- Size
  
  63KB
- MD5
  
  c79a2b0d7b91ceb8d4f57d6b48fbb641
- SHA1
  
  0665ec276e0b830a548a686358958c5ae7280059
- SHA256
  
  0ffce3f574c3b14c7142db318925cbef540d7ef11d1037bbbbbf040b00a42165
- SHA512
  
  575eb0a5581d874ae1da3efa5c4016d64d68fb9faa01187ffad3c8e33bd6b0a896dc7368734cf601f8f9e9c029836e7a8ef803ee9741c8e137d83bd0c49448af
- SSDEEP
  
  768:60qffXMlq8FMtr6tIte6ir1OZS+d1ykeYnXlaPoqQd2ft7VT:ZgLiMtir16S+d1ykxWoqQd2fHT
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan