cobaltstrike | a68242d22925acc952c9b32bf7fe87ee782e592985dee1dcdbcfd6dbe7859928

Analysis

max time kernel
177s
max time network
197s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 16:00

Target

a68242d22925acc952c9b32bf7fe87ee782e592985dee1dcdbcfd6dbe7859928.exe
Size

312KB
MD5

eeae2ca96761b0df98c83a7eae0c2ee9
SHA1

dd38b41dbd472d27c46b7e2c48afd211e3a59ce6
SHA256

a68242d22925acc952c9b32bf7fe87ee782e592985dee1dcdbcfd6dbe7859928
SHA512

3528f9c67a22e8b2ac9b11dc2598d5299f2a66adc5a55cffad4d1bc87dd919eab9cf2064035090ef1f2d24e9f3353d8f4ea5b8270d508e35e70bce32c2e93a9b
SSDEEP

6144:I+1VyBRl40pPGMHLdL1hALe+2NirdrQdZUwUKD0Ek:IEy94wGMdoLT2NKcCw8

Score

10^/10

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\a68242d22925acc952c9b32bf7fe87ee782e592985dee1dcdbcfd6dbe7859928.exe
"C:\Users\Admin\AppData\Local\Temp\a68242d22925acc952c9b32bf7fe87ee782e592985dee1dcdbcfd6dbe7859928.exe"
1⤵
PID:4368

memory/4368-132-0x0000000000B90000-0x0000000000BE9000-memory.dmp

Filesize
356KB

Download
memory/4368-133-0x0000000000B90000-0x0000000000BE9000-memory.dmp

Filesize
356KB

Download
memory/4368-134-0x000000007FC00000-0x000000007FC44000-memory.dmp

Filesize
272KB

Download