cobaltstrike | 7c72e4793b2aa5407153b54b427040a466595a52d96f7a632523de23003c63d0 | Triage

Sharing

General

Target

7c72e4793b2aa5407153b54b427040a466595a52d96f7a632523de23003c63d0
Size

1.3MB
Sample

240912-sj6zqa1bjq
MD5

68d421e637be00f118edc6205518fc2c
SHA1

6eb14b1b6f85542b38e02fc15dd5020c48ffdd24
SHA256

7c72e4793b2aa5407153b54b427040a466595a52d96f7a632523de23003c63d0
SHA512

a6087976c2be1fe909646ed346a1f96a7f2463ee95ce7ccfb923c791804f3d6a430b74028e0db672e1dbd0bae390ff1e5bb7be09c19942146350ecf279ea3054
SSDEEP

12288:D3sXm99oq60jkgtuHeUIVJKoIIKfWbgbvRKW9zDeWTN7lDh1P:oyqq60jvKeF0fWbgbv4WYW57z1P

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://167.71.215.63:443/1hJz

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  7c72e4793b2aa5407153b54b427040a466595a52d96f7a632523de23003c63d0
- Size
  
  1.3MB
- MD5
  
  68d421e637be00f118edc6205518fc2c
- SHA1
  
  6eb14b1b6f85542b38e02fc15dd5020c48ffdd24
- SHA256
  
  7c72e4793b2aa5407153b54b427040a466595a52d96f7a632523de23003c63d0
- SHA512
  
  a6087976c2be1fe909646ed346a1f96a7f2463ee95ce7ccfb923c791804f3d6a430b74028e0db672e1dbd0bae390ff1e5bb7be09c19942146350ecf279ea3054
- SSDEEP
  
  12288:D3sXm99oq60jkgtuHeUIVJKoIIKfWbgbvRKW9zDeWTN7lDh1P:oyqq60jvKeF0fWbgbv4WYW57z1P
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan