cobaltstrike | 3cf2be99ac5716160932a36a2e428dee73736aaddd91d0b2014566490ffa6c70

Analysis

max time kernel
148s
max time network
152s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
29/08/2023, 01:02

Target

3cf2be99ac5716160932a36a2e428dee73736aaddd91d0b2014566490ffa6c70.exe
Size

4.8MB
MD5

5af0165e823e302e8893dcaa64d837de
SHA1

265dee7f93d3b6fd5dbd915469d986864809799a
SHA256

3cf2be99ac5716160932a36a2e428dee73736aaddd91d0b2014566490ffa6c70
SHA512

d8e13c9534fa14cc0ae1e181e6b0495998afef4385b0726c212f607e76f295ddc9169b87f8ea74f8028ec357b72aefcd45929999273bed2298b1065621b3848f
SSDEEP

49152:Axw4t7FeJjG4ynN6egGH2aPZenjDGeNmt5EHcaBSC1RfQbcdvFZE:MVFsjkNNNPZinG5EHn1Cb4

Score

10^/10

Family

cobaltstrike

http://192.168.222.128:3307/9YyR

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\3cf2be99ac5716160932a36a2e428dee73736aaddd91d0b2014566490ffa6c70.exe
"C:\Users\Admin\AppData\Local\Temp\3cf2be99ac5716160932a36a2e428dee73736aaddd91d0b2014566490ffa6c70.exe"
1⤵
PID:2276

memory/2276-0-0x0000000000A50000-0x0000000000A51000-memory.dmp

Filesize
4KB

Download