cobaltstrike | be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096 | Triage

Sharing

General

Target

be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096
Size

19KB
Sample

240913-l5p5rsxfrc
MD5

112f3df394196d7b98e44550b6793cd4
SHA1

1bc76955445a9aaacc735130b830002431263076
SHA256

be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096
SHA512

c308866edc36cc712c903b499eca2432c3e22d8c0a7cc27bd0a5996a5301f4dd9b0d7e6c1d9cf1bd96e32ceeca10da08eb764a6faa50715116527d23c1af6a86
SSDEEP

192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2p0WF8qa1Dojjgi:iqaCF31cix+Dc4zj0BFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.20.0.116:8020/ZbTM

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;SVSE)

Targets

- Target
  
  be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096
- Size
  
  19KB
- MD5
  
  112f3df394196d7b98e44550b6793cd4
- SHA1
  
  1bc76955445a9aaacc735130b830002431263076
- SHA256
  
  be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096
- SHA512
  
  c308866edc36cc712c903b499eca2432c3e22d8c0a7cc27bd0a5996a5301f4dd9b0d7e6c1d9cf1bd96e32ceeca10da08eb764a6faa50715116527d23c1af6a86
- SSDEEP
  
  192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2p0WF8qa1Dojjgi:iqaCF31cix+Dc4zj0BFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan