cobaltstrike | 98c3a2a9313b856b6cd4dc25b9174d495d6a5964eb738e7c96ff3a91375e1325 | Triage

Sharing

General

Target

98c3a2a9313b856b6cd4dc25b9174d495d6a5964eb738e7c96ff3a91375e1325
Size

2.1MB
Sample

241125-l532ma1nbz
MD5

8a733789faaf14f5c6fdee16523c90dc
SHA1

9797c2343b19dfdfcbfd76f9412f3f6699c67670
SHA256

98c3a2a9313b856b6cd4dc25b9174d495d6a5964eb738e7c96ff3a91375e1325
SHA512

1984bc274afe4ee8acd04fc57d9bcbdae57cb229517333abda216605fa0c697631e6777b78f8f652d6edb1c9886bd0608546b8c2282c2bc194ea861407ce7c0a
SSDEEP

24576:uDCIq+Nu7f/uwQSnS42Ue7wso05nq6ZnICku2TS6U7GM7vGn/aFXXniFcAek:ueIqSSmwsxFIU2m6U7Gb/cTAek

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.110.133:8079/eOdE

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; MANM)

Targets

- Target
  
  98c3a2a9313b856b6cd4dc25b9174d495d6a5964eb738e7c96ff3a91375e1325
- Size
  
  2.1MB
- MD5
  
  8a733789faaf14f5c6fdee16523c90dc
- SHA1
  
  9797c2343b19dfdfcbfd76f9412f3f6699c67670
- SHA256
  
  98c3a2a9313b856b6cd4dc25b9174d495d6a5964eb738e7c96ff3a91375e1325
- SHA512
  
  1984bc274afe4ee8acd04fc57d9bcbdae57cb229517333abda216605fa0c697631e6777b78f8f652d6edb1c9886bd0608546b8c2282c2bc194ea861407ce7c0a
- SSDEEP
  
  24576:uDCIq+Nu7f/uwQSnS42Ue7wso05nq6ZnICku2TS6U7GM7vGn/aFXXniFcAek:ueIqSSmwsxFIU2m6U7Gb/cTAek
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan