cobaltstrike | 81f524521a6befe6be8811141036271ea7f5c28eb0e24fef5fc2c489c25123af | Triage

Sharing

General

Target

81f524521a6befe6be8811141036271ea7f5c28eb0e24fef5fc2c489c25123af
Size

19KB
Sample

240910-ybgyhssfng
MD5

ba98726b9bece93ef9217bca923b0875
SHA1

c35a0654ed9e3f41cc7ad3dfe76a082893b0ab25
SHA256

81f524521a6befe6be8811141036271ea7f5c28eb0e24fef5fc2c489c25123af
SHA512

9e4d6525e6c95ea6cd02525d77cfb283b7f64b50a8849c0e41b81cdbb6bc73d6c447641828d9024b5d65cb52ccf2bc474f85e096e5c63d0afe50f3f0f76d926e
SSDEEP

192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Kh4wpWF8qa1Dojjgi:3qaCF31cix+Dc4zjDB0FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.232.128:7878/jGv6

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Targets

- Target
  
  81f524521a6befe6be8811141036271ea7f5c28eb0e24fef5fc2c489c25123af
- Size
  
  19KB
- MD5
  
  ba98726b9bece93ef9217bca923b0875
- SHA1
  
  c35a0654ed9e3f41cc7ad3dfe76a082893b0ab25
- SHA256
  
  81f524521a6befe6be8811141036271ea7f5c28eb0e24fef5fc2c489c25123af
- SHA512
  
  9e4d6525e6c95ea6cd02525d77cfb283b7f64b50a8849c0e41b81cdbb6bc73d6c447641828d9024b5d65cb52ccf2bc474f85e096e5c63d0afe50f3f0f76d926e
- SSDEEP
  
  192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Kh4wpWF8qa1Dojjgi:3qaCF31cix+Dc4zjDB0FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan