Analysis
max time kernel
148s
max time network
156s
platform
windows7_x64
resource
win7-20230220-en
resource tags
arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted
21-03-2023 14:33
Static task
static1
Behavioral task
behavioral1
Sample
a58150ce39e22e8e67f9b582c3064cd8701cdabb4f1ac7ae22c8fc6e0bc2e93b.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
a58150ce39e22e8e67f9b582c3064cd8701cdabb4f1ac7ae22c8fc6e0bc2e93b.exe
Resource
win10v2004-20230220-en
General
Target
a58150ce39e22e8e67f9b582c3064cd8701cdabb4f1ac7ae22c8fc6e0bc2e93b.exe
Size
24KB
MD5
0212ad8f93405ad10af5abad3b5e8ae5
SHA1
c9cbaf6b9caff6e02dc43f2ec782d5e24a4852f1
SHA256
a58150ce39e22e8e67f9b582c3064cd8701cdabb4f1ac7ae22c8fc6e0bc2e93b
SHA512
9af37cc965b2efd0f3dff64ad71b38d832befd30091221a5fa760548857602c9efed8f793992044c6b7733c92526b4a2ef1dbf1a7ee80d792293700e00e6682b
SSDEEP
384:qqaCF31cix+Dc4zjuwPLZCFF46gioZUHeMDnG:gMFV+DjrLZ08X
Malware Config
Extracted
cobaltstrike
http://117.50.163.24:8443/wEp1
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MAARJS)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.