cobaltstrike | dd2c4e042e4a514ce9e22b5964f83414289e942de6275e92e2c92b6da1eefa61 | Triage

Sharing

General

Target

dd2c4e042e4a514ce9e22b5964f83414289e942de6275e92e2c92b6da1eefa61
Size

3.4MB
Sample

240915-mm81lazfln
MD5

334433d72b26505f0ace324d63345c15
SHA1

a23a233ca4cd96ae810a0cbdec1e13cce8360d9a
SHA256

dd2c4e042e4a514ce9e22b5964f83414289e942de6275e92e2c92b6da1eefa61
SHA512

69c3502041405bcae3205cc715620a80c94e508fdf24366b1a22f1b30d1439736f0b5d6eebd9b9cdbbfd7e8a500c5e6572a7043c2ebc6072a44565a13fab455c
SSDEEP

49152:vCy9lQ/PHFL8kYmeYzZwjdd+2kOkdEel2h1t:sN8k7zG5d+3dP2

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://150.158.38.230:443/api/v2/getinfo

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0) Host: updatetime.msn.cn

Targets

- Target
  
  dd2c4e042e4a514ce9e22b5964f83414289e942de6275e92e2c92b6da1eefa61
- Size
  
  3.4MB
- MD5
  
  334433d72b26505f0ace324d63345c15
- SHA1
  
  a23a233ca4cd96ae810a0cbdec1e13cce8360d9a
- SHA256
  
  dd2c4e042e4a514ce9e22b5964f83414289e942de6275e92e2c92b6da1eefa61
- SHA512
  
  69c3502041405bcae3205cc715620a80c94e508fdf24366b1a22f1b30d1439736f0b5d6eebd9b9cdbbfd7e8a500c5e6572a7043c2ebc6072a44565a13fab455c
- SSDEEP
  
  49152:vCy9lQ/PHFL8kYmeYzZwjdd+2kOkdEel2h1t:sN8k7zG5d+3dP2
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan