cobaltstrike | 915d48833809b413355935bb252abeda7b7bf4e589f9021719ffcb539100c36f

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 23:23

Target

915d48833809b413355935bb252abeda7b7bf4e589f9021719ffcb539100c36f.exe
Size

315KB
MD5

9b56ade373a6f238e5d053aee56b35a4
SHA1

aafb4c9a53caf8e390167b82e5770151a1f436fb
SHA256

915d48833809b413355935bb252abeda7b7bf4e589f9021719ffcb539100c36f
SHA512

ac9b938601e22924ec04d9aefda1b67f16886dca4aa6501e847689c480e699794398ee82f5abf545836f10e6bfa49eac817d5b033865af8867f44527fbbcec66
SSDEEP

6144:Hq3gCk4oqWYHtSuYnI+tnYDcMbY4FmNzNwm+MhUaNxO1BcC1cH:Hq3bz1NsnI+1Kb5KzNVNqPcnH

Score

10^/10

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\915d48833809b413355935bb252abeda7b7bf4e589f9021719ffcb539100c36f.exe
"C:\Users\Admin\AppData\Local\Temp\915d48833809b413355935bb252abeda7b7bf4e589f9021719ffcb539100c36f.exe"
1⤵
PID:1756

memory/1756-132-0x0000000000E60000-0x0000000000EBB000-memory.dmp

Filesize
364KB

Download
memory/1756-134-0x000000007F930000-0x000000007F974000-memory.dmp

Filesize
272KB

Download
memory/1756-133-0x0000000000E60000-0x0000000000EBB000-memory.dmp

Filesize
364KB

Download