Overview

overview

10

Static

static

NoInternet-Win7-10min

windows7_x64

10

Analysis

  • max time kernel
    154s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    27-02-2021 16:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Employee Annual Report.exe

  • Size

    287KB

  • MD5

    e0aeb91c1768b663b70adfc418512cbc

  • SHA1

    9c8de5c9ee4ccc7d8ca046b62f2fc55fdcae89f6

  • SHA256

    6b9b5df993a38ebb2fa3eba4c26686b49aa57ec577902222225058a02284170e

  • SHA512

    14c505cfe4b0a65454f196ee42e32d6f263056694ead5c8787aa3efe921d2885df58676196e9f4315869dc1283cf9be4dad39f6e85f2ee0e147591eb14e1fb46

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

Version

windows/download_exec

C2

http://redwelt.com:443/files/links.gif

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\Employee Annual Report.exe
    "C:\Users\Admin\AppData\Local\Temp\Employee Annual Report.exe"
    1⤵
      PID:1656

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1528-3-0x000007FEF6940000-0x000007FEF6BBA000-memory.dmp
      Filesize

      2.5MB

      Download
    • memory/1656-2-0x00000000001E0000-0x00000000001E1000-memory.dmp
      Filesize

      4KB

      Download