Analysis
max time kernel: 150s
max time network: 163s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 04-12-2022 10:54
Static task: static1
Behavioral task: behavioral1
Sample: f8d0d23a98dafbfdd76ad617f20889be52f1e25750f11e7bc74bef156f87217f.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: f8d0d23a98dafbfdd76ad617f20889be52f1e25750f11e7bc74bef156f87217f.exe
Resource: win10v2004-20220812-en
General
Target: f8d0d23a98dafbfdd76ad617f20889be52f1e25750f11e7bc74bef156f87217f.exe
Size: 60KB
MD5: 9c7828e9ae2d9a7682cca84af65937bc
SHA1: 3eea3832d5765315937cb48b34af1301d98a6efb
SHA256: f8d0d23a98dafbfdd76ad617f20889be52f1e25750f11e7bc74bef156f87217f
SHA512: 4b0e32ddeab24af9542fc48be150527ba229aec7bbca8bb13f9b56246a4e6a0b20b15f7625cbb7012a72920a9eb3e3fc945fc065e3e97a4bcf63b812c58f8409
SSDEEP: 1536:jL0AzrN5OugTBlsAYmB3BWeQcEWtQkvTa:TzrN5OugTYfuWeQcntQya
Malware Config
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.
Suspicious use of SetWindowsHookEx (1 IoCs)
Processes:
pid 2688, process f8d0d23a98dafbfdd76ad617f20889be52f1e25750f11e7bc74bef156f87217f.exe