cobaltstrike | a7e92420cf7aefebb990a25e3d007831b9515fe0a937625d71474f42e8fc03eb

Analysis

max time kernel
149s
max time network
152s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
27-08-2023 06:39

Target

a7e92420cf7aefebb990a25e3d007831b9515fe0a937625d71474f42e8fc03eb.exe
Size

19KB
MD5

1f5e5fb23dbb44b0dccfb2d74b56ee72
SHA1

588859faeec7dd0d0a6aa37c9fc0f1a68eebcb2d
SHA256

a7e92420cf7aefebb990a25e3d007831b9515fe0a937625d71474f42e8fc03eb
SHA512

431dd2da23cd455c16fd37983b1fe4c183a4911c477e36ad82996e012ce3880a60cc3ef4836ba95d0655dc67b1ad2cd7cc116191d60898a88001b0f9a15c4cac
SSDEEP

192:iV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2KkJMWF8qa1Dojjgi:sqaCF31cix+Dc4zjYTFF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.144.134:80/hTTM

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM; MANM)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\a7e92420cf7aefebb990a25e3d007831b9515fe0a937625d71474f42e8fc03eb.exe
"C:\Users\Admin\AppData\Local\Temp\a7e92420cf7aefebb990a25e3d007831b9515fe0a937625d71474f42e8fc03eb.exe"
1⤵
PID:1976

memory/1976-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1976-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download