cobaltstrike | c989db757ae89f6793bfaf108b28987b6ea9b9bb095a881925a64700249424bd | Triage

Sharing

General

Target

c989db757ae89f6793bfaf108b28987b6ea9b9bb095a881925a64700249424bd
Size

19KB
Sample

240927-qfyg3atfqr
MD5

8c99c8fa85bb100ad75b0e05aaf3e0b4
SHA1

561c7146ca3a093b520600a5dff8353355373ed5
SHA256

c989db757ae89f6793bfaf108b28987b6ea9b9bb095a881925a64700249424bd
SHA512

c5ff243cf443660ad03564a6d051ec443e6ed2baddd1eea36cb9238220e6c1753198c9c69b074f6c43406f16732d6223033ce724db004b1c78657b5124cdbb2f
SSDEEP

192:ZV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2cXqfzMWF8qa1Dojjgi:7qaCF31cix+Dc4zjypFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.181.131:8089/I4lt

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; Avant Browser)

Targets

- Target
  
  c989db757ae89f6793bfaf108b28987b6ea9b9bb095a881925a64700249424bd
- Size
  
  19KB
- MD5
  
  8c99c8fa85bb100ad75b0e05aaf3e0b4
- SHA1
  
  561c7146ca3a093b520600a5dff8353355373ed5
- SHA256
  
  c989db757ae89f6793bfaf108b28987b6ea9b9bb095a881925a64700249424bd
- SHA512
  
  c5ff243cf443660ad03564a6d051ec443e6ed2baddd1eea36cb9238220e6c1753198c9c69b074f6c43406f16732d6223033ce724db004b1c78657b5124cdbb2f
- SSDEEP
  
  192:ZV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2cXqfzMWF8qa1Dojjgi:7qaCF31cix+Dc4zjypFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan