Analysis
-
max time kernel
100s -
max time network
101s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
27-02-2021 16:58
Static task
static1
Behavioral task
behavioral1
Sample
a70b749e1d8a236e343ddbdf9d19e7b8.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
a70b749e1d8a236e343ddbdf9d19e7b8.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
a70b749e1d8a236e343ddbdf9d19e7b8.exe
-
Size
6.7MB
-
MD5
a70b749e1d8a236e343ddbdf9d19e7b8
-
SHA1
9bd3d01e68d23beab8a6124296074e124938147e
-
SHA256
9b7e0a21e13f1607ef431f54a44902d9250a0d21420cc1618481bea5b1dee86a
-
SHA512
03a23e59a7621ce44a2cc4c15c7ee2edadf30d1587699bf63499555178e5f232eb35ab627ab3661cb16bb76942a5219914182c039626ba77b43d682c99a19e00
Score
10/10
Malware Config
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/776-2-0x0000000000400000-0x0000000000AEC000-memory.dmp
Filesize
6.9MB
-
memory/776-3-0x0000000000400000-0x0000000000AEC000-memory.dmp
Filesize
6.9MB
-
memory/776-4-0x0000000000400000-0x0000000000AEC000-memory.dmp
Filesize
6.9MB
-
memory/776-5-0x0000000028040000-0x0000000028041000-memory.dmp
Filesize
4KB
-
memory/1204-6-0x000007FEF6010000-0x000007FEF628A000-memory.dmp
Filesize
2.5MB