cobaltstrike | ac5096862b24412740f4a5fd0675963f9592833c09420398e0b1964c01d25479 | Triage

Sharing

General

Target

ac5096862b24412740f4a5fd0675963f9592833c09420398e0b1964c01d25479
Size

19KB
Sample

240909-nt4vwswbrn
MD5

3ada5c24a9c1801e6e2819515cf5f6de
SHA1

e95fdc9cbfc4ac2746086b820e14e9dd74fe0dee
SHA256

ac5096862b24412740f4a5fd0675963f9592833c09420398e0b1964c01d25479
SHA512

5a3a7d1df96e4afac90780c79ea8c50f018e35f51fbb033ae695b34f8543784b2ec25f33c153a30b4cac6ecadb8d4ef97bd67e17ee8f8fc557d6209fbd19ae09
SSDEEP

192:tV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2S/00SFYFz9JlWF8qa1Dojjgi:fqaCF31cix+Dc4zjBqyFz9KFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.4.10:443/mU1j

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)

Targets

- Target
  
  ac5096862b24412740f4a5fd0675963f9592833c09420398e0b1964c01d25479
- Size
  
  19KB
- MD5
  
  3ada5c24a9c1801e6e2819515cf5f6de
- SHA1
  
  e95fdc9cbfc4ac2746086b820e14e9dd74fe0dee
- SHA256
  
  ac5096862b24412740f4a5fd0675963f9592833c09420398e0b1964c01d25479
- SHA512
  
  5a3a7d1df96e4afac90780c79ea8c50f018e35f51fbb033ae695b34f8543784b2ec25f33c153a30b4cac6ecadb8d4ef97bd67e17ee8f8fc557d6209fbd19ae09
- SSDEEP
  
  192:tV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2S/00SFYFz9JlWF8qa1Dojjgi:fqaCF31cix+Dc4zjBqyFz9KFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan