Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    03-03-2021 19:35

General

  • Target

    StyleToolkit.EXE

  • Size

    577KB

  • MD5

    b3c22a53376ee8ace4dc2f1e9173ad06

  • SHA1

    7c8805a0262fdd67988e00be266f7551708635d0

  • SHA256

    35174b5744905f9aa431cdf18ccf0d521db5f03e745fc242a632827dd756a1a6

  • SHA512

    df28838a063bdd4dec3934c5bac29bca715058d40fb79a94a8f30fb2839c621ddd7a388fc68d7e0fdeb4a1fcf78ac8356f419d7bb7e712d56e12c79162c27999

Malware Config

Extracted

Family

cobaltstrike

Version

windows/download_exec (a download-and-execute stager: it retrieves the next stage from the C2 URL below and runs it in memory)

C2

http://biollet.com:443/image-directory/sitemap.ico

Note that the stager requests this URL over plain http:// on TCP 443 rather than TLS; a cleartext HTTP request to port 443 is a useful detection signal in its own right, alongside the host and path.
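The extracted C2 above can be turned into a simple proxy-log check. The script below is an added example and is not part of the sandbox report: it matches constructed web-proxy log lines (the log format and every line are made up for illustration) against the extracted C2 host and path, and separately flags any request that uses plain http:// on port 443, the protocol/port mismatch this stager exhibits.

```python
"""Added example (not from the sandbox report): scan proxy-style log lines for the
C2 extracted from this sample, plus the plaintext-HTTP-on-443 mismatch it shows."""
from urllib.parse import urlsplit

# C2 URL exactly as extracted by the sandbox (see the Malware Config section).
C2_URL = "http://biollet.com:443/image-directory/sitemap.ico"

# Constructed log lines for illustration: "<timestamp> <src_ip> <method> <url> <status>"
SAMPLE_LOG = """\
2021-03-03T19:36:01Z 10.0.0.15 GET http://biollet.com:443/image-directory/sitemap.ico 200
2021-03-03T19:36:02Z 10.0.0.15 GET https://biollet.com/image-directory/sitemap.ico 200
2021-03-03T19:36:05Z 10.0.0.22 GET http://example.net:443/index.html 200
2021-03-03T19:36:07Z 10.0.0.22 GET https://example.net/index.html 200
2021-03-03T19:36:09Z 10.0.0.31 GET http://biollet.com/other.png 404
"""


def parse_line(line):
    """Split one constructed log line into its fields."""
    ts, src, method, url, status = line.split()
    return {"ts": ts, "src": src, "method": method, "url": url, "status": int(status)}


def url_key(url):
    """Normalise a URL to (host, effective port, path) so that
    http://h:443/p and https://h/p compare on host, port and path."""
    u = urlsplit(url)
    host = (u.hostname or "").lower()
    port = u.port or (443 if u.scheme == "https" else 80)
    return host, port, u.path


def classify(url):
    """Return the list of reasons a URL is suspicious; an empty list means clean."""
    reasons = []
    scheme = urlsplit(url).scheme
    host, port, path = url_key(url)
    c2_host, _c2_port, c2_path = url_key(C2_URL)
    if host == c2_host and path == c2_path:
        reasons.append("C2 host+path match")
    elif host == c2_host:
        reasons.append("C2 host")
    # The stager speaks cleartext HTTP to TCP 443; legitimate clients almost never do.
    if scheme == "http" and port == 443:
        reasons.append("plaintext HTTP on 443")
    return reasons


def scan(log_text):
    """Return (src_ip, url, reasons) for every log line that trips a check."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        reasons = classify(rec["url"])
        if reasons:
            hits.append((rec["src"], rec["url"], reasons))
    return hits


if __name__ == "__main__":
    for src, url, reasons in scan(SAMPLE_LOG):
        print(f"{src} {url} -> {', '.join(reasons)}")
```

The host+path comparison deliberately ignores the scheme so that the same resource fetched over TLS still matches; the scheme/port mismatch is reported as a separate reason so an analyst can tune each rule independently.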

Signatures

  • Cobaltstrike

    Detected malicious payload which is part of Cobaltstrike.

  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\StyleToolkit.EXE
    "C:\Users\Admin\AppData\Local\Temp\StyleToolkit.EXE"
    • Suspicious use of SetWindowsHookEx
    PID: 1072

Network

MITRE ATT&CK Matrix


Downloads

  • memory/1072-2-0x0000000001B30000-0x0000000001B31000-memory.dmp
    Filesize

    4KB

  • memory/2004-3-0x000007FEF6510000-0x000007FEF678A000-memory.dmp
    Filesize

    2.5MB