Analysis
max time kernel: 83s
max time network: 139s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 04-12-2022 22:29
Static task: static1
Behavioral task: behavioral1
Sample: a2ff9dad3b0e2097d62e91d974ee1b1fce798acb1188b62e247413f54cc294db.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: a2ff9dad3b0e2097d62e91d974ee1b1fce798acb1188b62e247413f54cc294db.exe
Resource: win10v2004-20220812-en
General
Target: a2ff9dad3b0e2097d62e91d974ee1b1fce798acb1188b62e247413f54cc294db.exe
Size: 76KB
MD5: 886340bb58befa8524d37d652d6999d6
SHA1: 4077ee7d1e296f72c9cd68fa412354a98ecf8580
SHA256: a2ff9dad3b0e2097d62e91d974ee1b1fce798acb1188b62e247413f54cc294db
SHA512: 8c8f1846fa263a3d72f4a6d79fcf72497e82659c097b3a7691960b435adc8844b9479fe22214ebf840a2c90f2abe06806d1efd616e49df740748a9b56c87aec4
SSDEEP: 768:123/BAon0ZkKDftheil31PP1ItaNVxfH8wjaVUz3HakxBWQQ6bAiku94CF9Z1:eAonokyfve8tuat8wR3fau94wB
Malware Config
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.
Suspicious use of SetWindowsHookEx (2 IoCs)
Processes: a2ff9dad3b0e2097d62e91d974ee1b1fce798acb1188b62e247413f54cc294db.exe
pid   process
3168  a2ff9dad3b0e2097d62e91d974ee1b1fce798acb1188b62e247413f54cc294db.exe
3168  a2ff9dad3b0e2097d62e91d974ee1b1fce798acb1188b62e247413f54cc294db.exe