cobaltstrike | 94257457675302e788a4d7f9524ece51548630bf28221c4406c07057ba1d67f0

Analysis

max time kernel
182s
max time network
169s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
29-11-2022 05:11

Target

94257457675302e788a4d7f9524ece51548630bf28221c4406c07057ba1d67f0.exe
Size

307KB
MD5

b476f73104bbe66c730e4b1052ee1acd
SHA1

5eaaadeeb1e70bf2d2be365e39adb2e6cbd55ea8
SHA256

94257457675302e788a4d7f9524ece51548630bf28221c4406c07057ba1d67f0
SHA512

fdc343c7ad32d86583e5116fa5a20cc33d7c0d84df9ef1d0583c7ce4ec2539d4242ed241a02e28f1e7e6a49d2683a412ea4ad38ed03828dd98397ac6bb1e221b
SSDEEP

6144:2qz+T72Y0SnzinYKTY1SQshfRPVQe1MZkIYSccr7wbstO/PECYeixlYGicwP:2Cq7SSeYsY1UMqMZJYSN7wbstO/8fveR

Score

10^/10

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\94257457675302e788a4d7f9524ece51548630bf28221c4406c07057ba1d67f0.exe
"C:\Users\Admin\AppData\Local\Temp\94257457675302e788a4d7f9524ece51548630bf28221c4406c07057ba1d67f0.exe"
1⤵
PID:444

memory/444-132-0x0000000000500000-0x0000000000550000-memory.dmp

Filesize
320KB

Download
memory/444-133-0x000000007F670000-0x000000007F6B4000-memory.dmp

Filesize
272KB

Download
memory/444-134-0x0000000000500000-0x0000000000550000-memory.dmp

Filesize
320KB

Download
memory/444-135-0x000000007F670000-0x000000007F6B4000-memory.dmp

Filesize
272KB

Download