cobaltstrike | 6df039efeaad6e4f79310fd604edfb42c574816a25da56b67ec9d8164b83ecbc | Triage

Sharing

General

Target

6df039efeaad6e4f79310fd604edfb42c574816a25da56b67ec9d8164b83ecbc
Size

19KB
Sample

241120-ta5kzaydnf
MD5

ac1578cacfd828a4a1279d412d226f20
SHA1

c9a952623a9196ea330ef6a2b408422c19265627
SHA256

6df039efeaad6e4f79310fd604edfb42c574816a25da56b67ec9d8164b83ecbc
SHA512

f36de06a4e9837561e7f0c6b61623f7749fecb5e438c54f4c4e8f4e0233957954dda823965993faa1d9b4e753fadbd6f6ff704a19a9c6b6e6a423be891a25895
SSDEEP

192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2D3WF8qa1Dojjgi:5qaCF31cix+Dc4zjpFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.116.129:8080/iGiD

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.4; InfoPath.2)

Targets

- Target
  
  6df039efeaad6e4f79310fd604edfb42c574816a25da56b67ec9d8164b83ecbc
- Size
  
  19KB
- MD5
  
  ac1578cacfd828a4a1279d412d226f20
- SHA1
  
  c9a952623a9196ea330ef6a2b408422c19265627
- SHA256
  
  6df039efeaad6e4f79310fd604edfb42c574816a25da56b67ec9d8164b83ecbc
- SHA512
  
  f36de06a4e9837561e7f0c6b61623f7749fecb5e438c54f4c4e8f4e0233957954dda823965993faa1d9b4e753fadbd6f6ff704a19a9c6b6e6a423be891a25895
- SSDEEP
  
  192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2D3WF8qa1Dojjgi:5qaCF31cix+Dc4zjpFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan