Analysis
-
max time kernel
132s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-en-20220112 -
submitted
23-02-2022 21:52
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220223-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-en-20220112
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
tmp.exe
-
Size
366KB
-
MD5
518d125bb64a8f8dc8b94054daf5e6df
-
SHA1
549735f585590452985451faf8ab1e6f22903abf
-
SHA256
950008035d225dd5f4c3a229082f1206eb9bce8c4aa4822b130db065da54e224
-
SHA512
59ba254d3f7a37a760d709807de28b1b99bb0f92304e2177e67c30ca24b7fc4428608d392513706e663a49449f065c3719e318ddc7752d414441fe2895b1cb89
Score
10/10
Malware Config
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2140-130-0x00000000021C0000-0x0000000002207000-memory.dmpFilesize
284KB
-
memory/2140-131-0x0000000000400000-0x000000000044B000-memory.dmpFilesize
300KB
-
memory/2140-132-0x0000000002380000-0x00000000023B3000-memory.dmpFilesize
204KB
-
memory/2140-133-0x0000000002600000-0x000000000263D000-memory.dmpFilesize
244KB