cobaltstrike | b51a70ca11b085125e377320f96cf7287bfa6cce86e28c259e6aa6c4f0fe80f6

Analysis

max time kernel
143s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
18/09/2023, 02:48

Target

b51a70ca11b085125e377320f96cf7287bfa6cce86e28c259e6aa6c4f0fe80f6.exe
Size

19KB
MD5

767056cb4944ee2f4a21bc98275205cf
SHA1

3a3ed0e8bea3675c6a7ac1a2498c8145b399fb99
SHA256

b51a70ca11b085125e377320f96cf7287bfa6cce86e28c259e6aa6c4f0fe80f6
SHA512

49bfc4d3ae0bb2c778ec954cffb841ad364f8e8e3c78ac57dd023e6d32694589376ca4e7bb3dfb552c555db1207fe56d0638a4409223bdd7b4a0860294d31587
SSDEEP

192:FV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2M2s25mWF8qa1Dojjgi:nqaCF31cix+Dc4zjpgFF46gi

Score

10^/10

Family

cobaltstrike

http://106.54.211.150:54321/EsCb

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\b51a70ca11b085125e377320f96cf7287bfa6cce86e28c259e6aa6c4f0fe80f6.exe
"C:\Users\Admin\AppData\Local\Temp\b51a70ca11b085125e377320f96cf7287bfa6cce86e28c259e6aa6c4f0fe80f6.exe"
1⤵
PID:4668

memory/4668-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/4668-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download