cobaltstrike | d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1 | Triage

Sharing

General

Target

d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1
Size

574KB
Sample

240924-rd8qpa1fja
MD5

0b0c3d96051a518ff1485971b7044d77
SHA1

bf238e6e28f24cdf5ac4c58c1a964a076b49edb7
SHA256

d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1
SHA512

e00135287649e63dc8c235c3bc1843e4a63badfc7451eb6262cffcbe6d8f1dd06841027cd87b759140d501bab35934bb5a806974a642b307be557d0916465aca
SSDEEP

3072:A16qj8W8QllCg1BsGGLtT38+arPuRoWsKTVmBSdo7wR9W2BhQzLW:lVW8ylHAKJr2YKTtW8U2eO

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.3.30:80/qGr3

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; ASU2JS)

Targets

- Target
  
  d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1
- Size
  
  574KB
- MD5
  
  0b0c3d96051a518ff1485971b7044d77
- SHA1
  
  bf238e6e28f24cdf5ac4c58c1a964a076b49edb7
- SHA256
  
  d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1
- SHA512
  
  e00135287649e63dc8c235c3bc1843e4a63badfc7451eb6262cffcbe6d8f1dd06841027cd87b759140d501bab35934bb5a806974a642b307be557d0916465aca
- SSDEEP
  
  3072:A16qj8W8QllCg1BsGGLtT38+arPuRoWsKTVmBSdo7wR9W2BhQzLW:lVW8ylHAKJr2YKTtW8U2eO
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan