cobaltstrike | 8b7a2e5668e8a8eabf8458045765f3a7c6efb7f495fec4396891e36d93d6acc0

Analysis

max time kernel
42s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
29-11-2022 05:48

Target

8b7a2e5668e8a8eabf8458045765f3a7c6efb7f495fec4396891e36d93d6acc0.exe
Size

52KB
MD5

09f6acdaa5faf9fd05e3d60ed795e1d5
SHA1

9fe591cc7e531d9a5d247c1152add2a1832dcedd
SHA256

8b7a2e5668e8a8eabf8458045765f3a7c6efb7f495fec4396891e36d93d6acc0
SHA512

b02fe396c177452bfe4f375da4c9289ba0e31baec66be328eda334b0e236633fe4dd0dcbad4a45665a9cac750b09054e13a0c366e22c89d79f12935965692931
SSDEEP

768:IdKNxCyO24fGhdoD1KqNEqueT590BBbes1nEzO25JRK7pH/+Jv:yKNxVONf2oJrEDK9kLyO25JRKtG

Score

10^/10

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\8b7a2e5668e8a8eabf8458045765f3a7c6efb7f495fec4396891e36d93d6acc0.exe
"C:\Users\Admin\AppData\Local\Temp\8b7a2e5668e8a8eabf8458045765f3a7c6efb7f495fec4396891e36d93d6acc0.exe"
1⤵
PID:1956

memory/1956-54-0x0000000075141000-0x0000000075143000-memory.dmp

Filesize
8KB

Download
memory/1956-55-0x0000000000220000-0x0000000000228000-memory.dmp

Filesize
32KB

Download
memory/1956-59-0x0000000000400000-0x000000000040D000-memory.dmp

Filesize
52KB

Download