cobaltstrike | 253fe0031c27d319e214b5c0fb4a0749968c7d39cae44a15ffdd1d7354581a3f | Triage

Sharing

General

Target

253fe0031c27d319e214b5c0fb4a0749968c7d39cae44a15ffdd1d7354581a3f
Size

19KB
Sample

240915-qqnevavgpb
MD5

1e44191312ca18e2cd7e2c53493ece48
SHA1

bded3eba14c8c58f5c1d10ff30ae4dc71ebc5861
SHA256

253fe0031c27d319e214b5c0fb4a0749968c7d39cae44a15ffdd1d7354581a3f
SHA512

6a07b3ebd2d1426796e40fc46c1e0748559415646fd54183adf5ba7919d52343e16241aeac787cae0e12a312e6945a6b71c915813fd0d47e8e5fccf6153e5cde
SSDEEP

192:UV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2mK/zTWF8qa1Dojjgi:GqaCF31cix+Dc4zjyOFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.238.134:80/Vx9V

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MDDCJS)

Targets

- Target
  
  253fe0031c27d319e214b5c0fb4a0749968c7d39cae44a15ffdd1d7354581a3f
- Size
  
  19KB
- MD5
  
  1e44191312ca18e2cd7e2c53493ece48
- SHA1
  
  bded3eba14c8c58f5c1d10ff30ae4dc71ebc5861
- SHA256
  
  253fe0031c27d319e214b5c0fb4a0749968c7d39cae44a15ffdd1d7354581a3f
- SHA512
  
  6a07b3ebd2d1426796e40fc46c1e0748559415646fd54183adf5ba7919d52343e16241aeac787cae0e12a312e6945a6b71c915813fd0d47e8e5fccf6153e5cde
- SSDEEP
  
  192:UV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2mK/zTWF8qa1Dojjgi:GqaCF31cix+Dc4zjyOFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan