cobaltstrike | 45f726c68e3d56edd4031fa77b4d26883625742231347e0b848c9d9d923f0ed5 | Triage

Sharing

General

Target

45f726c68e3d56edd4031fa77b4d26883625742231347e0b848c9d9d923f0ed5
Size

2.0MB
Sample

240925-gcbdpa1cph
MD5

dcd4550a15c84784ede698edbb317eda
SHA1

1579644109aef0b454da96c89103e10fe8910ad2
SHA256

45f726c68e3d56edd4031fa77b4d26883625742231347e0b848c9d9d923f0ed5
SHA512

6257a37ba457914a1c4454c9c3626b2232c2d0544c731835117046b9be9e57ff54af5916418c140c75a6febfd69b0981dbc7340e40cc928b5f75b12f8fe5011d
SSDEEP

24576:3xH7AzDuIGnDFdNuumwRjTMIUw3mHsb/vX0FMxS:J7AzDu/bwueIBx

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.18.204.194:86/cXJX

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)

Targets

- Target
  
  45f726c68e3d56edd4031fa77b4d26883625742231347e0b848c9d9d923f0ed5
- Size
  
  2.0MB
- MD5
  
  dcd4550a15c84784ede698edbb317eda
- SHA1
  
  1579644109aef0b454da96c89103e10fe8910ad2
- SHA256
  
  45f726c68e3d56edd4031fa77b4d26883625742231347e0b848c9d9d923f0ed5
- SHA512
  
  6257a37ba457914a1c4454c9c3626b2232c2d0544c731835117046b9be9e57ff54af5916418c140c75a6febfd69b0981dbc7340e40cc928b5f75b12f8fe5011d
- SSDEEP
  
  24576:3xH7AzDuIGnDFdNuumwRjTMIUw3mHsb/vX0FMxS:J7AzDu/bwueIBx
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan