cobaltstrike | a6e761f0291bd14ea518804b4db8a18f4cb0aeb4844b92d50c64016b67341402 | Triage

Sharing

General

Target

a6e761f0291bd14ea518804b4db8a18f4cb0aeb4844b92d50c64016b67341402
Size

54KB
Sample

241126-n3nv2awnfl
MD5

c5d511c10506c0175e1d6ef0e5fe4dff
SHA1

95ef0f6fba23189af750be9c8ae52e4571dbbd19
SHA256

a6e761f0291bd14ea518804b4db8a18f4cb0aeb4844b92d50c64016b67341402
SHA512

733a5f5c850bf7e8e586b6aca1eac3ea9eff89f10a16d8c62dd609d1a0caefdb31d5ecb4648d7ba18a2db46c98f23211123958d977a7a2dec389d7c387022bdc
SSDEEP

768:UA7TbznfEqTIYv4gKNwFPulvTFKAOE7eJ9GhrIn7+E:5rEqTIm4gKN2PulvTv37DtI7

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.104.181.208:80/2zGj

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727)

Targets

- Target
  
  a6e761f0291bd14ea518804b4db8a18f4cb0aeb4844b92d50c64016b67341402
- Size
  
  54KB
- MD5
  
  c5d511c10506c0175e1d6ef0e5fe4dff
- SHA1
  
  95ef0f6fba23189af750be9c8ae52e4571dbbd19
- SHA256
  
  a6e761f0291bd14ea518804b4db8a18f4cb0aeb4844b92d50c64016b67341402
- SHA512
  
  733a5f5c850bf7e8e586b6aca1eac3ea9eff89f10a16d8c62dd609d1a0caefdb31d5ecb4648d7ba18a2db46c98f23211123958d977a7a2dec389d7c387022bdc
- SSDEEP
  
  768:UA7TbznfEqTIYv4gKNwFPulvTFKAOE7eJ9GhrIn7+E:5rEqTIm4gKN2PulvTv37DtI7
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan