cobaltstrike | 2210845f0274e605766418df2a9f81c15d8e1f383e445a5b01a385fbfecc9fa3 | Triage

Sharing

General

Target

a.exe
Size

19KB
Sample

240824-2xs5fswdjm
MD5

06acac40f95b938cc52dd263fd39f631
SHA1

48143e0e7c6909471c855cc73331817aa4550adf
SHA256

2210845f0274e605766418df2a9f81c15d8e1f383e445a5b01a385fbfecc9fa3
SHA512

52588d483235c741beb2c4fb9414e0a5ee4b21e05e63e5e9b55ef78942c55be383fb800381a14f010084b7a999ee685700ec2d36f93df2e336915f27290e6c64
SSDEEP

192:EV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20OdNYqMgWF8qa1Dojjgi:2qaCF31cix+Dc4zjeNkFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://106.15.67.102:80/YJCw

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2)

Targets

- Target
  
  a.exe
- Size
  
  19KB
- MD5
  
  06acac40f95b938cc52dd263fd39f631
- SHA1
  
  48143e0e7c6909471c855cc73331817aa4550adf
- SHA256
  
  2210845f0274e605766418df2a9f81c15d8e1f383e445a5b01a385fbfecc9fa3
- SHA512
  
  52588d483235c741beb2c4fb9414e0a5ee4b21e05e63e5e9b55ef78942c55be383fb800381a14f010084b7a999ee685700ec2d36f93df2e336915f27290e6c64
- SSDEEP
  
  192:EV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20OdNYqMgWF8qa1Dojjgi:2qaCF31cix+Dc4zjeNkFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan