cobaltstrike | 2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5 | Triage

Sharing

General

Target

2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5
Size

1.7MB
Sample

241119-n9a8hs1jdj
MD5

54965e6b0aa541f0c2a9751d213ec22e
SHA1

60654d40422a11e4d5108acf374719ed4e843ff0
SHA256

2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5
SHA512

4f35b38018aa8bf0648fbc34e3a84934cea01f15b9a4fdacfd86662d5a932101a5666ff2f08788169891617708aca2e80ccbfa8cf7a6bf208d135e85ee75613d
SSDEEP

24576:tdqOwfddJskiJTODfL44xBwJb0t3FS6NvnfnhQX79u66LUn0:tdbwfddxBRt1S6dnfM9e

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.0.0.123:800/4add

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)

Targets

- Target
  
  2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5
- Size
  
  1.7MB
- MD5
  
  54965e6b0aa541f0c2a9751d213ec22e
- SHA1
  
  60654d40422a11e4d5108acf374719ed4e843ff0
- SHA256
  
  2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5
- SHA512
  
  4f35b38018aa8bf0648fbc34e3a84934cea01f15b9a4fdacfd86662d5a932101a5666ff2f08788169891617708aca2e80ccbfa8cf7a6bf208d135e85ee75613d
- SSDEEP
  
  24576:tdqOwfddJskiJTODfL44xBwJb0t3FS6NvnfnhQX79u66LUn0:tdbwfddxBRt1S6dnfM9e
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan