Analysis
max time kernel: 131s
max time network: 140s
platform: windows10_x64
resource: win10-en-20211208
submitted: 05-01-2022 14:42
Static task: static1
Behavioral task: behavioral1
Sample: 42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe
Resource: win10-en-20211208
General
Target: 42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe
Size: 12KB
MD5: 7580453f6db92422e629d3de19346688
SHA1: 4b6eec94a1fc1b1d42025a4476950e846f4f8f77
SHA256: 42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9
SHA512: e93e38e6d26998e9dedcf3370e8e12b7d1abae35c59606035243029d544ff17e2c56e9195f47e2a2a41ec83e64e0cc6fd22b43c004c019592034bd773cc5dac5
Malware Config
Extracted
cobaltstrike
http://47.93.63.179:5812/Wc9j
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1260-115-0x000001D6112F0000-0x000001D6112F1000-memory.dmp
Filesize: 4KB