Analysis
-
max time kernel
4294196s -
max time network
138s -
platform
windows7_x64 -
resource
win7-20220223-en -
submitted
05-03-2022 07:52
General
-
Target
tmp.exe
-
Size
366KB
-
MD5
518d125bb64a8f8dc8b94054daf5e6df
-
SHA1
549735f585590452985451faf8ab1e6f22903abf
-
SHA256
950008035d225dd5f4c3a229082f1206eb9bce8c4aa4822b130db065da54e224
-
SHA512
59ba254d3f7a37a760d709807de28b1b99bb0f92304e2177e67c30ca24b7fc4428608d392513706e663a49449f065c3719e318ddc7752d414441fe2895b1cb89
Score
10/10
Malware Config
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
-
C:\Users\Admin\AppData\Local\Temp\tmp.exe"C:\Users\Admin\AppData\Local\Temp\tmp.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1920-54-0x00000000757C1000-0x00000000757C3000-memory.dmpFilesize
8KB
-
memory/1920-55-0x0000000000220000-0x0000000000267000-memory.dmpFilesize
284KB
-
memory/1920-56-0x0000000000400000-0x000000000045E000-memory.dmpFilesize
376KB
-
memory/1920-57-0x00000000002C0000-0x00000000002F3000-memory.dmpFilesize
204KB
-
memory/1920-58-0x0000000000560000-0x000000000059D000-memory.dmpFilesize
244KB