cobaltstrike | a8a8dcff4dbf682cd7a476a624bfc001370d9bb54a183147806357f74a1bd5ea | Triage

Sharing

General

Target

a8a8dcff4dbf682cd7a476a624bfc001370d9bb54a183147806357f74a1bd5ea
Size

7.0MB
Sample

240921-qsmlbsvdlr
MD5

08d881d5ca264ad2d728af9b0949de28
SHA1

09cdb77a2c2f0020ad387e8d63cc6b2072528775
SHA256

a8a8dcff4dbf682cd7a476a624bfc001370d9bb54a183147806357f74a1bd5ea
SHA512

92f0d1b6f4d758b5b87ef8a26e38ae230e6d4022176acbea5cb6d2b65dea98e04f5016e3b28ad72d41757afc69741cc2a434640de5a5df0e48ec3753eda6148b
SSDEEP

196608:+QaQA1HeT39IigleE9TFa0Z8DOjCdylwSQyyeoD:wp1+TtIiHY9Z8D8Cclw5bD

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.145.171:4444/jPIZ

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; ; NCLIENT50_AAPCDA5841E333)

Targets

- Target
  
  a8a8dcff4dbf682cd7a476a624bfc001370d9bb54a183147806357f74a1bd5ea
- Size
  
  7.0MB
- MD5
  
  08d881d5ca264ad2d728af9b0949de28
- SHA1
  
  09cdb77a2c2f0020ad387e8d63cc6b2072528775
- SHA256
  
  a8a8dcff4dbf682cd7a476a624bfc001370d9bb54a183147806357f74a1bd5ea
- SHA512
  
  92f0d1b6f4d758b5b87ef8a26e38ae230e6d4022176acbea5cb6d2b65dea98e04f5016e3b28ad72d41757afc69741cc2a434640de5a5df0e48ec3753eda6148b
- SSDEEP
  
  196608:+QaQA1HeT39IigleE9TFa0Z8DOjCdylwSQyyeoD:wp1+TtIiHY9Z8D8Cclw5bD
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan