cobaltstrike | 2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57 | Triage

Sharing

General

Target

2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57
Size

19KB
Sample

241123-h74t6a1lat
MD5

45b5cb8971f298961ebd76dd38e7124e
SHA1

1bfe7c3dfbae1b5e219f379d654c5ff190ebad00
SHA256

2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57
SHA512

6487c5daece5dbf1a5baefc2569c1d6c1891217f4ae98770dae46fcc33c341e26765233d935626903e491b2fd7923799cbed873ef780b409c58a1b0263ed75f8
SSDEEP

192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2xWv2a8WF8qa1Dojjgi:EqaCF31cix+Dc4zj8W5FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.199.75:8889/TlMP

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)

Targets

- Target
  
  2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57
- Size
  
  19KB
- MD5
  
  45b5cb8971f298961ebd76dd38e7124e
- SHA1
  
  1bfe7c3dfbae1b5e219f379d654c5ff190ebad00
- SHA256
  
  2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57
- SHA512
  
  6487c5daece5dbf1a5baefc2569c1d6c1891217f4ae98770dae46fcc33c341e26765233d935626903e491b2fd7923799cbed873ef780b409c58a1b0263ed75f8
- SSDEEP
  
  192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2xWv2a8WF8qa1Dojjgi:EqaCF31cix+Dc4zj8W5FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan