cobaltstrike | 02b90986c3e1c0be0e6a6938a97dbe8265c1e17b2bb05de93c4c0dc1889fa9fe

Analysis

max time kernel
137s
max time network
140s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
26/08/2023, 11:47

Target

02b90986c3e1c0be0e6a6938a97dbe8265c1e17b2bb05de93c4c0dc1889fa9fe.exe
Size

2.1MB
MD5

1dcbddf762a672d45e6f37e1c0b09a8b
SHA1

3d5fed12b880694da846676789c07f3abb0af931
SHA256

02b90986c3e1c0be0e6a6938a97dbe8265c1e17b2bb05de93c4c0dc1889fa9fe
SHA512

ebad642862a64f72ac89eadf698f3613e78899afb6fcb127d17451011f64e8617df4df5c4a9de681e6e859c368fecf3a8af5981c1f266df86e115bc9e2b7ea6e
SSDEEP

49152:d+j4fyCCgftTBVK1I7BjvSIiAbQd4LuaX:ZLNjvS9ux

Score

10^/10

Family

cobaltstrike

http://39.105.223.243:6666/pH6o

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\02b90986c3e1c0be0e6a6938a97dbe8265c1e17b2bb05de93c4c0dc1889fa9fe.exe
"C:\Users\Admin\AppData\Local\Temp\02b90986c3e1c0be0e6a6938a97dbe8265c1e17b2bb05de93c4c0dc1889fa9fe.exe"
1⤵
PID:1644

memory/1644-0-0x00000000007A0000-0x00000000007A1000-memory.dmp

Filesize
4KB

Download