cobaltstrike | 2f7cbbeebffca580211a70f6ae5a1fd4251dadbd3123a9c459b20496199aae6d | Triage

Sharing

General

Target

2f7cbbeebffca580211a70f6ae5a1fd4251dadbd3123a9c459b20496199aae6d
Size

19KB
Sample

240912-xegaqaydme
MD5

2a4b59a85d167776c6a75c862b58a4e6
SHA1

4855c5cb51b8891f14fa8949939726011077e987
SHA256

2f7cbbeebffca580211a70f6ae5a1fd4251dadbd3123a9c459b20496199aae6d
SHA512

566853cc251d5e307bce9e01ad905a96c546dc4b0a1f78a3ee78e97a43b310032236116dde09f784e0c104bed2017bd6e7eecd68aa51c7acef393cdfb3293c8f
SSDEEP

192:YV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2x6G/WXWF8qa1Dojjgi:KqaCF31cix+Dc4zjU6G/DFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://124.222.169.202:8887/caXA

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP08; MAAU; NP08)

Targets

- Target
  
  2f7cbbeebffca580211a70f6ae5a1fd4251dadbd3123a9c459b20496199aae6d
- Size
  
  19KB
- MD5
  
  2a4b59a85d167776c6a75c862b58a4e6
- SHA1
  
  4855c5cb51b8891f14fa8949939726011077e987
- SHA256
  
  2f7cbbeebffca580211a70f6ae5a1fd4251dadbd3123a9c459b20496199aae6d
- SHA512
  
  566853cc251d5e307bce9e01ad905a96c546dc4b0a1f78a3ee78e97a43b310032236116dde09f784e0c104bed2017bd6e7eecd68aa51c7acef393cdfb3293c8f
- SSDEEP
  
  192:YV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2x6G/WXWF8qa1Dojjgi:KqaCF31cix+Dc4zjU6G/DFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan