cobaltstrike | ca7eb806784a3a0949d006ef6ce9ae3a770e80e72fcd6d4556496c7dbd093229 | Triage

Sharing

General

Target

ca7eb806784a3a0949d006ef6ce9ae3a770e80e72fcd6d4556496c7dbd093229
Size

19KB
Sample

241123-gzrzyswpdm
MD5

467ad690309ef86a12a02bf19ed1eff2
SHA1

76a680bd007bf128f8fe274328298ab8af903917
SHA256

ca7eb806784a3a0949d006ef6ce9ae3a770e80e72fcd6d4556496c7dbd093229
SHA512

4960714cea570900a98a3b5a2bfb0de23f4e97bfd1601851157cb01949dc0b973f5dac550927cb1ea458f0bcb83c74bd8e6c06d34ceb0d9984dacac1eddee704
SSDEEP

192:uV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2UHNDeMuHuWF8qa1Dojjgi:4qaCF31cix+Dc4zjjYvFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.2.131:80/ZIXb

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)

Targets

- Target
  
  ca7eb806784a3a0949d006ef6ce9ae3a770e80e72fcd6d4556496c7dbd093229
- Size
  
  19KB
- MD5
  
  467ad690309ef86a12a02bf19ed1eff2
- SHA1
  
  76a680bd007bf128f8fe274328298ab8af903917
- SHA256
  
  ca7eb806784a3a0949d006ef6ce9ae3a770e80e72fcd6d4556496c7dbd093229
- SHA512
  
  4960714cea570900a98a3b5a2bfb0de23f4e97bfd1601851157cb01949dc0b973f5dac550927cb1ea458f0bcb83c74bd8e6c06d34ceb0d9984dacac1eddee704
- SSDEEP
  
  192:uV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2UHNDeMuHuWF8qa1Dojjgi:4qaCF31cix+Dc4zjjYvFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan