cobaltstrike | 0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b | Triage

Submit
Reports

Overview

overview

Static

static

3

0feb2cb1c9...8b.exe

windows7-x64

0feb2cb1c9...8b.exe

windows10-2004-x64

Sharing

General

Target

0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b
Size

19KB
Sample

240629-mgejssydkq
MD5

09d7a9df2b95b00d352e238d99575799
SHA1

0559f6ce6eeb32d8483e7821326fb8d58914bc98
SHA256

0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b
SHA512

d9e02050b22f4e47a5ea6d574d4223b7d44d3683db50a06bb462337bf01f1a42156dc153ed10b1c59c135f7621d01fcca836ef98320ba9f5705262b08d87ed2d
SSDEEP

192:pV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26mp9z8FhWF8qa1Dojjgi:LqaCF31cix+Dc4zj8zocFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b.exe

Resource

win7-20240508-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b.exe

Resource

win10v2004-20240611-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.101.81:8523/IhkA

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MAARJS)

Targets

- Target
  
  0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b
- Size
  
  19KB
- MD5
  
  09d7a9df2b95b00d352e238d99575799
- SHA1
  
  0559f6ce6eeb32d8483e7821326fb8d58914bc98
- SHA256
  
  0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b
- SHA512
  
  d9e02050b22f4e47a5ea6d574d4223b7d44d3683db50a06bb462337bf01f1a42156dc153ed10b1c59c135f7621d01fcca836ef98320ba9f5705262b08d87ed2d
- SSDEEP
  
  192:pV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26mp9z8FhWF8qa1Dojjgi:LqaCF31cix+Dc4zj8zocFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy