cobaltstrike | b454d38095c759da1ab2f89b5fe17955c53b5ae02dccad8852cc035f35c42b77

Analysis

max time kernel
170s
max time network
209s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 02:58

Target

b454d38095c759da1ab2f89b5fe17955c53b5ae02dccad8852cc035f35c42b77.exe
Size

312KB
MD5

918b36ccf7ad9279a730de0605c1090f
SHA1

9279497f46447f186c829e44f6e806b2a83058a1
SHA256

b454d38095c759da1ab2f89b5fe17955c53b5ae02dccad8852cc035f35c42b77
SHA512

2c71f4e74e67d435069ebf543d2230b02e4103ecbe4d0f588793f0d14d1a94db344db49853f60d67e6e2ef8f8d9354dbbd5654cb3eb0da65c13130e6760f852e
SSDEEP

6144:xWI+jNXUeLFTiCRTy7wzFzRODpyUOr2//m2TnLo0Dzs:EIQU2iCvxzKy1rc/msa

Score

10^/10

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\b454d38095c759da1ab2f89b5fe17955c53b5ae02dccad8852cc035f35c42b77.exe
"C:\Users\Admin\AppData\Local\Temp\b454d38095c759da1ab2f89b5fe17955c53b5ae02dccad8852cc035f35c42b77.exe"
1⤵
PID:3376

memory/3376-132-0x00000000005F0000-0x0000000000641000-memory.dmp

Filesize
324KB

Download
memory/3376-133-0x00000000005F0000-0x0000000000641000-memory.dmp

Filesize
324KB

Download
memory/3376-134-0x000000007FD20000-0x000000007FD64000-memory.dmp

Filesize
272KB

Download