Analysis
max time kernel: 31s
max time network: 32s
platform: windows7_x64
resource: win7v20210408
submitted: 07-05-2021 10:14
Static task: static1
Behavioral task: behavioral1
Sample: 339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502.exe
Resource: win10v20210410
General
Target: 339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502.exe
Size: 17KB
MD5: 60a1bfe619b2dc1cec9f3f61762255f4
SHA1: 0c71506f28da58c9c90a0008eafae21309f729b7
SHA256: 339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502
SHA512: 1bbeddebc065360a49b0cea2a0e876a6237baca850cb75f73ee94fb6c37858c0c2f1274fe9a5a4ee2a8e739a3385d389ba702130a8dea98adde4043820bc926c
Malware Config
Extracted
cobaltstrike
http://95.181.157.170:80/uNIQ
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.