cobaltstrike | 77b42a34d23f8012b41286c9abfb369de52e6864c1263780613380660a168028 | Triage

Sharing

General

Target

77b42a34d23f8012b41286c9abfb369de52e6864c1263780613380660a168028
Size

12.6MB
Sample

240925-wj81vsyfnp
MD5

6f12b563903c18eb157ce9c2d3e9dbd3
SHA1

1faf2fb04b21ce8ce738cd54ac562111b5ccd874
SHA256

77b42a34d23f8012b41286c9abfb369de52e6864c1263780613380660a168028
SHA512

3506585b7164904abafba01bca1a4690327cdceef3dded37d45e253ee72a29d4e8ab83a51990ef467df16c70e5d8b9d07851505966f8c41cb1aa160dee1ee2aa
SSDEEP

196608:2VEk31F89onJ5hrZERm0sKYu/PaQoRz0mpjNcWl7GofBlib7u5lxDDNP3C:0Ek3r89c5hlER8Q2leW1Bl87u5lxD8

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://172.20.212.107:8080/l8Gr

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MALC)

Targets

- Target
  
  77b42a34d23f8012b41286c9abfb369de52e6864c1263780613380660a168028
- Size
  
  12.6MB
- MD5
  
  6f12b563903c18eb157ce9c2d3e9dbd3
- SHA1
  
  1faf2fb04b21ce8ce738cd54ac562111b5ccd874
- SHA256
  
  77b42a34d23f8012b41286c9abfb369de52e6864c1263780613380660a168028
- SHA512
  
  3506585b7164904abafba01bca1a4690327cdceef3dded37d45e253ee72a29d4e8ab83a51990ef467df16c70e5d8b9d07851505966f8c41cb1aa160dee1ee2aa
- SSDEEP
  
  196608:2VEk31F89onJ5hrZERm0sKYu/PaQoRz0mpjNcWl7GofBlib7u5lxDDNP3C:0Ek3r89c5hlER8Q2leW1Bl87u5lxD8
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan