cobaltstrike | c988c2bbb319a537c6086b1a35afbdc403433afeff09d54daf77a4c732e9da6f | Triage

Sharing

General

Target

c988c2bbb319a537c6086b1a35afbdc403433afeff09d54daf77a4c732e9da6f
Size

19KB
Sample

241118-hz8s5s1mgy
MD5

3b17e40561035e3f4a5f957d72db2419
SHA1

1eca45387d38e749d6fbc4ff9bd33b8609f94a90
SHA256

c988c2bbb319a537c6086b1a35afbdc403433afeff09d54daf77a4c732e9da6f
SHA512

58017fddced9c3d0480222ad73d0b50e9c0e16f5aa3e7eef7ffe2b2121f64b44418dc07d9ab383ece0601a8162507eb0658d5508cbf66a1cd0dea694c0fa2238
SSDEEP

192:xV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2BhsqfUWF8qa1Dojjgi:DqaCF31cix+Dc4zjSsqJFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.42.12:8066/Cs3t

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATP; MATP)

Targets

- Target
  
  c988c2bbb319a537c6086b1a35afbdc403433afeff09d54daf77a4c732e9da6f
- Size
  
  19KB
- MD5
  
  3b17e40561035e3f4a5f957d72db2419
- SHA1
  
  1eca45387d38e749d6fbc4ff9bd33b8609f94a90
- SHA256
  
  c988c2bbb319a537c6086b1a35afbdc403433afeff09d54daf77a4c732e9da6f
- SHA512
  
  58017fddced9c3d0480222ad73d0b50e9c0e16f5aa3e7eef7ffe2b2121f64b44418dc07d9ab383ece0601a8162507eb0658d5508cbf66a1cd0dea694c0fa2238
- SSDEEP
  
  192:xV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2BhsqfUWF8qa1Dojjgi:DqaCF31cix+Dc4zjSsqJFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan