cobaltstrike | 3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630 | Triage

Sharing

General

Target

3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630
Size

240KB
Sample

250321-lw7y8azpy5
MD5

bd2311efd39d80468a127ec2a762dd79
SHA1

69b47b6ebec1b032478d9101eccba56b526013f9
SHA256

3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630
SHA512

af53495e525585001babc42e9bd11486beb77c9e95472eaf9ed0e70e420f217e159ebe72090de7796bd27c589934ef90c84c37abee6e5ffa0210a285d363c9f8
SSDEEP

3072:WsxZF0BeaUGK2sexQYnSvuRkaehePEJGaNALLVv13Jrc4pE62MBeIaH+s2kUAUfj:jeNnJTeQsJGa+LLVhrFpBRr

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.0.1.4:8090/HZkP

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSMSE)

Targets

- Target
  
  3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630
- Size
  
  240KB
- MD5
  
  bd2311efd39d80468a127ec2a762dd79
- SHA1
  
  69b47b6ebec1b032478d9101eccba56b526013f9
- SHA256
  
  3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630
- SHA512
  
  af53495e525585001babc42e9bd11486beb77c9e95472eaf9ed0e70e420f217e159ebe72090de7796bd27c589934ef90c84c37abee6e5ffa0210a285d363c9f8
- SSDEEP
  
  3072:WsxZF0BeaUGK2sexQYnSvuRkaehePEJGaNALLVv13Jrc4pE62MBeIaH+s2kUAUfj:jeNnJTeQsJGa+LLVhrFpBRr
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan