Overview

overview

10

Static

static

3

12224362fd...a3.exe

windows7-x64

1

12224362fd...a3.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-08-2023 11:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    12224362fd2ff4f78aaf861d1298669154cec2c2a1bca564b8e19c3ac3f3b1a3.exe

  • Size

    6.5MB

  • MD5

    ed3ebc9dd42535e2995201014c842875

  • SHA1

    bded2573a9246e7eb5524c34324545b68199f8a6

  • SHA256

    12224362fd2ff4f78aaf861d1298669154cec2c2a1bca564b8e19c3ac3f3b1a3

  • SHA512

    f58ba990365055e1dd339c483ddf7814a26f3bb9b8b88afe71cf9ccd53652e0ace3b845a7e1e39ec15caeda59c49b17a62a5c740658ecc99f3772a8cdad746c4

  • SSDEEP

    49152:PPTINTrVbP4F64hS2nXCo7dOEDcoNQGVe4hzwP79A7O4WvbQgrfNuTGrpqDc70so:shmgGJkRb/C0fFeE8iHq8fxkb9fV

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://43.139.18.156:8443/npm/[email protected]/dist/jquery.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Host: cdn.jsdelivr.net Referer: http://cdn.jsdelivr.net/ Accept-Encoding: identity User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\12224362fd2ff4f78aaf861d1298669154cec2c2a1bca564b8e19c3ac3f3b1a3.exe
    "C:\Users\Admin\AppData\Local\Temp\12224362fd2ff4f78aaf861d1298669154cec2c2a1bca564b8e19c3ac3f3b1a3.exe"
    1⤵
      PID:2696

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2696-133-0x0000000000400000-0x000000000151F000-memory.dmp

      Filesize

      17.1MB

      Download

    • memory/2696-134-0x0000000000400000-0x000000000151F000-memory.dmp

      Filesize

      17.1MB

      Download

    • memory/2696-135-0x000000002A6F0000-0x000000002A6F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2696-138-0x0000000000400000-0x000000000151F000-memory.dmp

      Filesize

      17.1MB

      Download

    • memory/2696-139-0x000000002CC90000-0x000000002D090000-memory.dmp

      Filesize

      4.0MB

      Download

    • memory/2696-140-0x0000000000400000-0x000000000151F000-memory.dmp

      Filesize

      17.1MB

      Download

    • memory/2696-141-0x0000000000400000-0x000000000151F000-memory.dmp

      Filesize

      17.1MB

      Download

    • memory/2696-142-0x0000000000400000-0x000000000151F000-memory.dmp

      Filesize

      17.1MB

      Download

    • memory/2696-143-0x0000000000400000-0x000000000151F000-memory.dmp

      Filesize

      17.1MB

      Download