cobaltstrike | 0771cea784eba4451048fc2dcc832853c8a39a0450644f33d28ea008e0bde693 | Triage

Sharing

General

Target

0771cea784eba4451048fc2dcc832853c8a39a0450644f33d28ea008e0bde693.exe
Size

553KB
Sample

241123-2bfbgawlhn
MD5

b54ffc49c57dd1f093f269fe04dadff9
SHA1

ff626d7e3e7509a0413f534cb520dd9312a43bb3
SHA256

0771cea784eba4451048fc2dcc832853c8a39a0450644f33d28ea008e0bde693
SHA512

ca0c979c9c53a5355d4ae993e3c58921c9213955bdc317b69c00a7e02fb3126884c6062386175ee7122a2651d51b7359c7d49009cdd9bbae1d766c7f698d5237
SSDEEP

12288:pgrtnPdl5rfdTt4Wyl5a0BP0d1DTvYF67ooL:pklrryl5aPnDTvYF67ooL

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://106.52.65.141:1234/y99r

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.1) Java/1.5.0_08

Targets

- Target
  
  0771cea784eba4451048fc2dcc832853c8a39a0450644f33d28ea008e0bde693.exe
- Size
  
  553KB
- MD5
  
  b54ffc49c57dd1f093f269fe04dadff9
- SHA1
  
  ff626d7e3e7509a0413f534cb520dd9312a43bb3
- SHA256
  
  0771cea784eba4451048fc2dcc832853c8a39a0450644f33d28ea008e0bde693
- SHA512
  
  ca0c979c9c53a5355d4ae993e3c58921c9213955bdc317b69c00a7e02fb3126884c6062386175ee7122a2651d51b7359c7d49009cdd9bbae1d766c7f698d5237
- SSDEEP
  
  12288:pgrtnPdl5rfdTt4Wyl5a0BP0d1DTvYF67ooL:pklrryl5aPnDTvYF67ooL
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan