cobaltstrike | af02fed6df2fab1244d2abcaa09d6cbf1f07559dacb059c56d9940c5d2ab1201 | Triage

Sharing

General

Target

af02fed6df2fab1244d2abcaa09d6cbf1f07559dacb059c56d9940c5d2ab1201
Size

12KB
Sample

241118-n7tbbawkb1
MD5

d844435ab833457b07f95be243b55d98
SHA1

192e7e0378fc5b3e006c9889acafa38941426960
SHA256

af02fed6df2fab1244d2abcaa09d6cbf1f07559dacb059c56d9940c5d2ab1201
SHA512

bfddc34983ee1116c9649d23e852035af2ae06053aa27de72700baff22f4a607a96d0d524e966977efb3a4efe4b8fb174a5ffb4034f1b0b12fec032b28ebc0dd
SSDEEP

192:ODlCO6zQ4YqPeymezimortHgbite3Q5tfLrqk0:ODlCPQ4YQpmeumorOSe37k

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://1.94.63.197:9901/QNHv

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; ASU2JS)

Targets

- Target
  
  af02fed6df2fab1244d2abcaa09d6cbf1f07559dacb059c56d9940c5d2ab1201
- Size
  
  12KB
- MD5
  
  d844435ab833457b07f95be243b55d98
- SHA1
  
  192e7e0378fc5b3e006c9889acafa38941426960
- SHA256
  
  af02fed6df2fab1244d2abcaa09d6cbf1f07559dacb059c56d9940c5d2ab1201
- SHA512
  
  bfddc34983ee1116c9649d23e852035af2ae06053aa27de72700baff22f4a607a96d0d524e966977efb3a4efe4b8fb174a5ffb4034f1b0b12fec032b28ebc0dd
- SSDEEP
  
  192:ODlCO6zQ4YqPeymezimortHgbite3Q5tfLrqk0:ODlCPQ4YQpmeumorOSe37k
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan