cobaltstrike | cf6a6152986ea164d60794b52f020b1b39ee94325e69ad97f8bdd39866cbe156 | Triage

Sharing

General

Target

cf6a6152986ea164d60794b52f020b1b39ee94325e69ad97f8bdd39866cbe156
Size

13KB
Sample

240926-lxn8hazgpk
MD5

7d0bfe6221182981d04d378cd9a7b0dd
SHA1

d0a5064ee842000807ba3a0170733cf9eb409a8d
SHA256

cf6a6152986ea164d60794b52f020b1b39ee94325e69ad97f8bdd39866cbe156
SHA512

0a702b8d27500fe1256c2014cac14806ff98a1d0bd14bc7279589cc6357fd16729415c9ca8fcece0ca91e2f667760bfb465c708ba9bd899be258c1c23e1cad9e
SSDEEP

192:9VyqzXTYN64FR3MXHddb4IrycLn4pNse:frj81fmzVr7IN

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://106.15.3.99:80/l2uJ

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)

Targets

- Target
  
  cf6a6152986ea164d60794b52f020b1b39ee94325e69ad97f8bdd39866cbe156
- Size
  
  13KB
- MD5
  
  7d0bfe6221182981d04d378cd9a7b0dd
- SHA1
  
  d0a5064ee842000807ba3a0170733cf9eb409a8d
- SHA256
  
  cf6a6152986ea164d60794b52f020b1b39ee94325e69ad97f8bdd39866cbe156
- SHA512
  
  0a702b8d27500fe1256c2014cac14806ff98a1d0bd14bc7279589cc6357fd16729415c9ca8fcece0ca91e2f667760bfb465c708ba9bd899be258c1c23e1cad9e
- SSDEEP
  
  192:9VyqzXTYN64FR3MXHddb4IrycLn4pNse:frj81fmzVr7IN
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan