cobaltstrike | 8dbdb1fbeea488be261d124032100c47947a14b72815cbfd2e1118d45717ba05 | Triage

Sharing

General

Target

8dbdb1fbeea488be261d124032100c47947a14b72815cbfd2e1118d45717ba05
Size

112KB
Sample

241123-qax94s1qfn
MD5

b63d5dae1ef57ad56286227e3700f1e8
SHA1

96b3770f32796b1e06e63519007a8e0679eb5205
SHA256

8dbdb1fbeea488be261d124032100c47947a14b72815cbfd2e1118d45717ba05
SHA512

e8e0194e0de725dd379996c0e10f09462adf86cd4d2515f211dd225de9807ec838c63dcd4442231de1ffb7e92d39d4b14c3ac6a2bba765bb87ec64e7cde2a609
SSDEEP

3072:OhRWtSb0pjpbM6QiQQO4g+phWK2o5wu1SH:+WtSb0pjpIlQO4goht5wj

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.137.6:80/aca8

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP08; MAAU; NP08)

Targets

- Target
  
  8dbdb1fbeea488be261d124032100c47947a14b72815cbfd2e1118d45717ba05
- Size
  
  112KB
- MD5
  
  b63d5dae1ef57ad56286227e3700f1e8
- SHA1
  
  96b3770f32796b1e06e63519007a8e0679eb5205
- SHA256
  
  8dbdb1fbeea488be261d124032100c47947a14b72815cbfd2e1118d45717ba05
- SHA512
  
  e8e0194e0de725dd379996c0e10f09462adf86cd4d2515f211dd225de9807ec838c63dcd4442231de1ffb7e92d39d4b14c3ac6a2bba765bb87ec64e7cde2a609
- SSDEEP
  
  3072:OhRWtSb0pjpbM6QiQQO4g+phWK2o5wu1SH:+WtSb0pjpIlQO4goht5wj
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan