cobaltstrike | bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725 | Triage

Sharing

General

Target

bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725
Size

2.3MB
Sample

240924-mevg8svape
MD5

572b9facaa19213713f743f351dba3f0
SHA1

b74551e6b0f9253cc20c7abd7bc32c7fcf674844
SHA256

bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725
SHA512

e4e216aaf3b0e9efdf19e8d7a79b5d6048e6955fb1e57e50c9b96d1197b1b743475469c0abc6a857102f99a4062b05b3b2ce1f36fd1c8271e547587252a5e036
SSDEEP

49152:ZfQia2KVxvzECEqCVgFhRVAWD1x3eurHx1Ha7pDk8RX:ZfyVzRfuiHx1Ha7pg8

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.200.200:443/bootstrap-2.min.js

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725
- Size
  
  2.3MB
- MD5
  
  572b9facaa19213713f743f351dba3f0
- SHA1
  
  b74551e6b0f9253cc20c7abd7bc32c7fcf674844
- SHA256
  
  bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725
- SHA512
  
  e4e216aaf3b0e9efdf19e8d7a79b5d6048e6955fb1e57e50c9b96d1197b1b743475469c0abc6a857102f99a4062b05b3b2ce1f36fd1c8271e547587252a5e036
- SSDEEP
  
  49152:ZfQia2KVxvzECEqCVgFhRVAWD1x3eurHx1Ha7pDk8RX:ZfyVzRfuiHx1Ha7pg8
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan