cobaltstrike | b51db00a5325ba3e6e809283c3e292151abcbdfa2d5cf03a49315ed47b397ad2 | Triage

Sharing

General

Target

b51db00a5325ba3e6e809283c3e292151abcbdfa2d5cf03a49315ed47b397ad2
Size

1.3MB
Sample

240909-nnv1ssvhlm
MD5

a2cd67e703761272ced00ae4e080e8c8
SHA1

f1817b5897f5e88c467f6d1143a84ce083f26888
SHA256

b51db00a5325ba3e6e809283c3e292151abcbdfa2d5cf03a49315ed47b397ad2
SHA512

310dab85729c28b5e4b6e99487eb88b69df7c4a660ed2b0700338c28cc8749ec5d8bbd078020102d474ac990d0980b6b1b6f5e76808bd3956457c92bbc25ecc8
SSDEEP

12288:6s/grSIft5tkGzrEjHdBqac5p/d/YVL5MUEE6cxR+2V0x+ESto3uj6d5j76U2v:6sorvtzkGzuQ/dgQUEQC+J67j+

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://49.235.122.75:80/bootstrap-2.min.js

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  b51db00a5325ba3e6e809283c3e292151abcbdfa2d5cf03a49315ed47b397ad2
- Size
  
  1.3MB
- MD5
  
  a2cd67e703761272ced00ae4e080e8c8
- SHA1
  
  f1817b5897f5e88c467f6d1143a84ce083f26888
- SHA256
  
  b51db00a5325ba3e6e809283c3e292151abcbdfa2d5cf03a49315ed47b397ad2
- SHA512
  
  310dab85729c28b5e4b6e99487eb88b69df7c4a660ed2b0700338c28cc8749ec5d8bbd078020102d474ac990d0980b6b1b6f5e76808bd3956457c92bbc25ecc8
- SSDEEP
  
  12288:6s/grSIft5tkGzrEjHdBqac5p/d/YVL5MUEE6cxR+2V0x+ESto3uj6d5j76U2v:6sorvtzkGzuQ/dgQUEQC+J67j+
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan