cobaltstrike | 32a7e76b80322fc0dbebc6ce832bb28ddd0e49bf98c501608fd6aeb21b220b76

Analysis

max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
04-10-2023 20:36

Target

32a7e76b80322fc0dbebc6ce832bb28ddd0e49bf98c501608fd6aeb21b220b76.exe
Size

19KB
MD5

b41104945b31d49690bbb8ca63bf9581
SHA1

9471d6ab2f53aa90efb047357726653f63f0b790
SHA256

32a7e76b80322fc0dbebc6ce832bb28ddd0e49bf98c501608fd6aeb21b220b76
SHA512

9ff2d568f09f526a2058bcd81f7e694e3cd1eb395e25a66a4642de17e077a2e2c9c0c6a714ce0c3eb418c774fc5feb2cb810964ab75cce75a9d72af223837c4e
SSDEEP

192:XV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2qI6h5WF8qa1Dojjgi:BqaCF31cix+Dc4zj64kFF46gi

Score

10^/10

Family

cobaltstrike

http://47.100.199.51:8888/Rj3n

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM; MANM)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\32a7e76b80322fc0dbebc6ce832bb28ddd0e49bf98c501608fd6aeb21b220b76.exe
"C:\Users\Admin\AppData\Local\Temp\32a7e76b80322fc0dbebc6ce832bb28ddd0e49bf98c501608fd6aeb21b220b76.exe"
1⤵
PID:2968

memory/2968-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2968-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download