cobaltstrike | 626f75c2bd1577200b6e25d24c4916986030262599df71709c3739427a586719

Analysis

max time kernel
147s
max time network
152s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
30-09-2023 06:55

Target

626f75c2bd1577200b6e25d24c4916986030262599df71709c3739427a586719.exe
Size

131KB
MD5

7f0334cb7698d845ed77a449635b59fd
SHA1

d0e02b4978239c35b08ff76f5226a3e5262b295c
SHA256

626f75c2bd1577200b6e25d24c4916986030262599df71709c3739427a586719
SHA512

1afa612ccee4848efec65fef7eadff94462ed3a675b86ecd19dbfd8e6fa6747af875d45955fab638abf09a3451f1d233e6e9e9db62821aa36b45cdf5507b146c
SSDEEP

1536:EQnH7Rs9yjimaRXRKZqeWG3g4WgRVHGUvMFMQiNlRDBW3BoJAwz5+zq:nnb4bKD3g4WgRVH+MRVW38Iq

Score

10^/10

Family

cobaltstrike

http://106.52.201.45:888/HyVF

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\626f75c2bd1577200b6e25d24c4916986030262599df71709c3739427a586719.exe
"C:\Users\Admin\AppData\Local\Temp\626f75c2bd1577200b6e25d24c4916986030262599df71709c3739427a586719.exe"
1⤵
PID:2228

memory/2228-0-0x0000000000400000-0x0000000000422000-memory.dmp

Filesize
136KB

Download