Resubmissions
25-03-2021 14:02 210325-6mt4xffj46 10
08-03-2021 01:58 210308-r9csy6wkvx 10
26-02-2021 11:00 210226-9h1pkd739a 10
Analysis
max time kernel: 30s
max time network: 31s
platform: windows7_x64
resource: win7v20201028
submitted: 08-03-2021 01:58
Static task
static1
Behavioral task
behavioral1
Sample
Employee-Bonus.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Employee-Bonus.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target: Employee-Bonus.exe
Size: 97KB
MD5: b2a682b8fe731d3c9a97b8fbf1cd84ae
SHA1: ebbbbeadbfcff24fd604167a628cf12ab2bb9c6c
SHA256: 84cef0aed269e6213bfa213d95a3db625bcdde130f33bf4227436985e4473252
SHA512: 6aa9246f88e398d1167126e88c90fc5a4049d7361ec4853abd1094d667ba0be42964190f17c0b40615856d44724989439c2d9fb53cbd2b69b135832d8e8522f2
Score
10/10
Malware Config
Extracted
Family: cobaltstrike
Version: windows/download_exec
C2: http://jumpbill.com:443/image-directory/eso.jpg
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.