cobaltstrike | ab94999718c44989afcd3defb6cc842494f69ece76ebe9b87a64afb134b306e6 | Triage

Sharing

General

Target

ab94999718c44989afcd3defb6cc842494f69ece76ebe9b87a64afb134b306e6
Size

109KB
Sample

240919-x8kv1axalk
MD5

b527a6aaeeff3065b85d4d8ef748acf0
SHA1

92cd10e77d599cd67144c4929df4260bbe873276
SHA256

ab94999718c44989afcd3defb6cc842494f69ece76ebe9b87a64afb134b306e6
SHA512

7886d609e33a09e67cd0b91b8904501574fef4b422f175f1728d71152f73a4f5032acadc5c95f5f3983a8db807e4393ce80c05e86445bb92dcf081ac89d49759
SSDEEP

1536:uiRJCENoxYwag7C2ksQbQblSaufE4bgU1Ahd5cwEvsW3d/9dlcfU:uiRJC7d/qbQRvufEIgU1K5dEL/2fU

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://172.26.218.210:11111/Ks3l

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)

Targets

- Target
  
  ab94999718c44989afcd3defb6cc842494f69ece76ebe9b87a64afb134b306e6
- Size
  
  109KB
- MD5
  
  b527a6aaeeff3065b85d4d8ef748acf0
- SHA1
  
  92cd10e77d599cd67144c4929df4260bbe873276
- SHA256
  
  ab94999718c44989afcd3defb6cc842494f69ece76ebe9b87a64afb134b306e6
- SHA512
  
  7886d609e33a09e67cd0b91b8904501574fef4b422f175f1728d71152f73a4f5032acadc5c95f5f3983a8db807e4393ce80c05e86445bb92dcf081ac89d49759
- SSDEEP
  
  1536:uiRJCENoxYwag7C2ksQbQblSaufE4bgU1Ahd5cwEvsW3d/9dlcfU:uiRJC7d/qbQRvufEIgU1K5dEL/2fU
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan