Analysis
max time kernel: 135s
max time network: 140s
platform: windows7_x64
resource: win7v20201028
submitted: 03-03-2021 19:35
Static task: static1

Behavioral task: behavioral1
Sample: StyleToolkit.EXE
Resource: win7v20201028 windows7_x64
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: StyleToolkit.EXE
Resource: win10v20201028 windows10_x64
0 signatures
0 seconds

General
Target: StyleToolkit.EXE
Size: 577KB
MD5: b3c22a53376ee8ace4dc2f1e9173ad06
SHA1: 7c8805a0262fdd67988e00be266f7551708635d0
SHA256: 35174b5744905f9aa431cdf18ccf0d521db5f03e745fc242a632827dd756a1a6
SHA512: df28838a063bdd4dec3934c5bac29bca715058d40fb79a94a8f30fb2839c621ddd7a388fc68d7e0fdeb4a1fcf78ac8356f419d7bb7e712d56e12c79162c27999
Score: 10/10

Malware Config
Extracted
Family: cobaltstrike
Version: windows/download_exec
C2: http://biollet.com:443/image-directory/sitemap.ico

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.

Suspicious use of SetWindowsHookEx (2 IoCs)
Processes: StyleToolkit.EXE
pid   process
1072  StyleToolkit.EXE
1072  StyleToolkit.EXE