cobaltstrike | 6bf23c4122c71ef1216d191a2329a964232069131abb96e36001eaf23ffb7fc5 | Triage

Sharing

General

Target

6bf23c4122c71ef1216d191a2329a964232069131abb96e36001eaf23ffb7fc5
Size

113KB
Sample

250321-kr9rksv1bt
MD5

88fc2a88b0547c23470cd4c5964a0888
SHA1

4e50429d199940f07019ab371b628967d52ca789
SHA256

6bf23c4122c71ef1216d191a2329a964232069131abb96e36001eaf23ffb7fc5
SHA512

dbb257ade211e4f2c6c966e4540ecfb033086a11e2d10d3e64a99c1f40f007fb5f48ec3613d69f6a3a29f80e2f52f6eb2ec7e87a49a8d7d950fb4c775b394488
SSDEEP

1536:u+HeW2Ecdv8zjR/U4JWynSBwCcICYMaRXxvL9eZc4lsWb5d09dlou9msye:B1+JQa4J5owCctYMaRXXeZ7vMeUmsy

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.0.1.4:8090/HZkP

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSMSE)

Targets

- Target
  
  6bf23c4122c71ef1216d191a2329a964232069131abb96e36001eaf23ffb7fc5
- Size
  
  113KB
- MD5
  
  88fc2a88b0547c23470cd4c5964a0888
- SHA1
  
  4e50429d199940f07019ab371b628967d52ca789
- SHA256
  
  6bf23c4122c71ef1216d191a2329a964232069131abb96e36001eaf23ffb7fc5
- SHA512
  
  dbb257ade211e4f2c6c966e4540ecfb033086a11e2d10d3e64a99c1f40f007fb5f48ec3613d69f6a3a29f80e2f52f6eb2ec7e87a49a8d7d950fb4c775b394488
- SSDEEP
  
  1536:u+HeW2Ecdv8zjR/U4JWynSBwCcICYMaRXxvL9eZc4lsWb5d09dlou9msye:B1+JQa4J5owCctYMaRXXeZ7vMeUmsy
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan