cobaltstrike | bfb3c9fcad31b69e33f4167583c9caee3e23b5e21eba695ab417bc7f5cd71ac6

Analysis

max time kernel
112s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 05:58

Target

bfb3c9fcad31b69e33f4167583c9caee3e23b5e21eba695ab417bc7f5cd71ac6.exe
Size

305KB
MD5

58a2143fe02f4c366f63b43fd5d37fc6
SHA1

86509cc545d83f329556fe2118ec1cc9ec3e7a58
SHA256

bfb3c9fcad31b69e33f4167583c9caee3e23b5e21eba695ab417bc7f5cd71ac6
SHA512

1a4ed646ad6f5ed0d0b251820e6e281bb66277fd783a929762ff4f12ce95266b154a7109bfaf8c3cb1a724506abb7e4f332f3fd8716d5797ec03d6c53877a848
SSDEEP

6144:5GSzsT72Y0SWzinYKTY1SQshfRPVQe1MZkIYSccr7wbstOQPECYeixlYGicA:5GqQ7SSxYsY1UMqMZJYSN7wbstOQ8fvK

Score

10^/10

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\bfb3c9fcad31b69e33f4167583c9caee3e23b5e21eba695ab417bc7f5cd71ac6.exe
"C:\Users\Admin\AppData\Local\Temp\bfb3c9fcad31b69e33f4167583c9caee3e23b5e21eba695ab417bc7f5cd71ac6.exe"
1⤵
PID:388

memory/388-132-0x0000000000F20000-0x0000000000F70000-memory.dmp

Filesize
320KB

Download
memory/388-133-0x0000000000F20000-0x0000000000F70000-memory.dmp

Filesize
320KB

Download
memory/388-134-0x000000007FA10000-0x000000007FA54000-memory.dmp

Filesize
272KB

Download