cobaltstrike | 2c28a8fb1ddc9c7e79647157f2e9a8863ccf77190d393f969e61e9062a1745e7 | Triage

Sharing

General

Target

2c28a8fb1ddc9c7e79647157f2e9a8863ccf77190d393f969e61e9062a1745e7
Size

110KB
Sample

240919-zmqkgazdrc
MD5

10062d08668e980ec8cb0c0db7470063
SHA1

3a3430f23eb0705809a556a90975e7a242cb4b6a
SHA256

2c28a8fb1ddc9c7e79647157f2e9a8863ccf77190d393f969e61e9062a1745e7
SHA512

4072387146bf72836dc39c22b5051c2fe9b5f2e55ad4074e72137be5b172493a751620d45a3f29838d3c6f3bf18eca1681db230b57da28986479bbc78bb8140e
SSDEEP

3072:cB1nFpIMGJbzgTUeIcYSlxUq13SlbkYjdv:CFFp7GJzlcYSE2Sz

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://172.26.218.210:11111/YAkX

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)

Targets

- Target
  
  2c28a8fb1ddc9c7e79647157f2e9a8863ccf77190d393f969e61e9062a1745e7
- Size
  
  110KB
- MD5
  
  10062d08668e980ec8cb0c0db7470063
- SHA1
  
  3a3430f23eb0705809a556a90975e7a242cb4b6a
- SHA256
  
  2c28a8fb1ddc9c7e79647157f2e9a8863ccf77190d393f969e61e9062a1745e7
- SHA512
  
  4072387146bf72836dc39c22b5051c2fe9b5f2e55ad4074e72137be5b172493a751620d45a3f29838d3c6f3bf18eca1681db230b57da28986479bbc78bb8140e
- SSDEEP
  
  3072:cB1nFpIMGJbzgTUeIcYSlxUq13SlbkYjdv:CFFp7GJzlcYSE2Sz
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan