cobaltstrike | 3a5bac511ff0a1131c8b6a410aa6ed7c0f8e8a5a33314e03bcf95a949241b64c | Triage

Sharing

General

Target

Trojan.Win64.Bulz.SPVV.MTB-3a5bac511ff0a1131c8b6a410aa6ed7c0f8e8a5a33314e03bcf95a949241b64cN
Size

17KB
Sample

240916-vdd3vsydqh
MD5

f5f683b8a71d2688b375d318680b8680
SHA1

e214d620fec14cc8e6ee5236b677fdf5bf1358b0
SHA256

3a5bac511ff0a1131c8b6a410aa6ed7c0f8e8a5a33314e03bcf95a949241b64c
SHA512

077e542c7a32168946befc181c9790cd4c03802fb3e4f0072343d05c77cbd545d29253185b0132c6f3a6417cf790c014ce50a0dd6b53f87f428a7a23b233f333
SSDEEP

192:rDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4yABUbOj6kxiY:rDMAoKz6WtKEj7aBDiLAbAY

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://81.70.22.105:10005/AUfa

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0)

Targets

- Target
  
  Trojan.Win64.Bulz.SPVV.MTB-3a5bac511ff0a1131c8b6a410aa6ed7c0f8e8a5a33314e03bcf95a949241b64cN
- Size
  
  17KB
- MD5
  
  f5f683b8a71d2688b375d318680b8680
- SHA1
  
  e214d620fec14cc8e6ee5236b677fdf5bf1358b0
- SHA256
  
  3a5bac511ff0a1131c8b6a410aa6ed7c0f8e8a5a33314e03bcf95a949241b64c
- SHA512
  
  077e542c7a32168946befc181c9790cd4c03802fb3e4f0072343d05c77cbd545d29253185b0132c6f3a6417cf790c014ce50a0dd6b53f87f428a7a23b233f333
- SSDEEP
  
  192:rDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4yABUbOj6kxiY:rDMAoKz6WtKEj7aBDiLAbAY
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan