cobaltstrike | e0299c0c8b651290808c4a6cd5202cb951739023d68420ebc3538b71deb27360 | Triage

Sharing

General

Target

e0299c0c8b651290808c4a6cd5202cb951739023d68420ebc3538b71deb27360
Size

14.2MB
Sample

240926-nwyrnaydla
MD5

e0b2d84330544596ed163e56f2edf279
SHA1

52d0f38dae3f99587f7bdb166d955bef5434193f
SHA256

e0299c0c8b651290808c4a6cd5202cb951739023d68420ebc3538b71deb27360
SHA512

1c9a1cfb8745e52aeb6a42352263e5de94a89d12f86a86edccc58485dbd86b5990f837b43da1ee7bc3ddc149e73afafe87abee7180b037a753f6fd21321bedc3
SSDEEP

393216:UEkIKbHN3bb1VH9c5hlER8AdZYyGtNITaZWwrEARx+DP4jg:Uwgn/dEhk8AdZGtNLHLx42

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.95.196.132:27430/NsZB

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP06)

Targets

- Target
  
  e0299c0c8b651290808c4a6cd5202cb951739023d68420ebc3538b71deb27360
- Size
  
  14.2MB
- MD5
  
  e0b2d84330544596ed163e56f2edf279
- SHA1
  
  52d0f38dae3f99587f7bdb166d955bef5434193f
- SHA256
  
  e0299c0c8b651290808c4a6cd5202cb951739023d68420ebc3538b71deb27360
- SHA512
  
  1c9a1cfb8745e52aeb6a42352263e5de94a89d12f86a86edccc58485dbd86b5990f837b43da1ee7bc3ddc149e73afafe87abee7180b037a753f6fd21321bedc3
- SSDEEP
  
  393216:UEkIKbHN3bb1VH9c5hlER8AdZYyGtNITaZWwrEARx+DP4jg:Uwgn/dEhk8AdZGtNLHLx42
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan