Analysis
max time kernel: 153s
max time network: 157s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 05-04-2023 01:18
Static task: static1
Behavioral task: behavioral1
Sample: 7f3e063461124c6d84e29cb8e7a1ec37a19d936ac5e7a8f648accb637be5f546.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 7f3e063461124c6d84e29cb8e7a1ec37a19d936ac5e7a8f648accb637be5f546.exe
Resource: win10v2004-20230220-en
General
Target: 7f3e063461124c6d84e29cb8e7a1ec37a19d936ac5e7a8f648accb637be5f546.exe
Size: 17KB
MD5: 6838658cb81b76a5b7df5d8687879219
SHA1: 376c98832a038c165db731c51a3d5fd4592097cf
SHA256: 7f3e063461124c6d84e29cb8e7a1ec37a19d936ac5e7a8f648accb637be5f546
SHA512: 1e5d539e1ed795fbd2a31f3958cf1b583227fd9ec42bf5ec0baece366bfbbec0281ff973fb4caa0bd4a40ef59b029db3bbad6283020f0efdc23045812bc51731
SSDEEP: 192:IDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH43xHBUbOj6kxiY:IDMAoKz6WtKEj7aBDiwbAY
Malware Config
Extracted
cobaltstrike
http://173.249.63.184:4334/CobI
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.