cobaltstrike | 84b8ec774af868afca3ae6f52f193f2a684590f6b0252c53ed26d260ea5787f3

Analysis

max time kernel
93s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
02/12/2022, 18:15

Target

84b8ec774af868afca3ae6f52f193f2a684590f6b0252c53ed26d260ea5787f3.exe
Size

315KB
MD5

fa4bd34faf28ddf2fdadeb487f8ab0e0
SHA1

565108630a199ff39fa911d6c2812ddb77be6249
SHA256

84b8ec774af868afca3ae6f52f193f2a684590f6b0252c53ed26d260ea5787f3
SHA512

38d944e720c553bec68bd30a453bbd0511c544d58a25a01b6f8ac2bfeb0cff0475733daec633dfc99b04cb21c1cc8a56694dab0fb433020a7bcf67bd3bb7f260
SSDEEP

6144:Hq3gCJGoqWYHtSXYnI+tnYDcMbY4FmNzNwm+MhUaixO1BcC1c9:Hq3yz1NznI+1Kb5KzNVNTPcn9

Score

10^/10

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\84b8ec774af868afca3ae6f52f193f2a684590f6b0252c53ed26d260ea5787f3.exe
"C:\Users\Admin\AppData\Local\Temp\84b8ec774af868afca3ae6f52f193f2a684590f6b0252c53ed26d260ea5787f3.exe"
1⤵
PID:488

memory/488-132-0x0000000000BB0000-0x0000000000C0B000-memory.dmp

Filesize
364KB

Download
memory/488-133-0x000000007F730000-0x000000007F774000-memory.dmp

Filesize
272KB

Download
memory/488-134-0x0000000000BB0000-0x0000000000C0B000-memory.dmp

Filesize
364KB

Download