cobaltstrike | 4dcd1cb424e260cab1d5cb25b4fb41889f3baa1e8d0f5da4b57b0c118b8baaf4

Analysis

max time kernel
157s
max time network
182s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
05/10/2023, 16:56

Target

4dcd1cb424e260cab1d5cb25b4fb41889f3baa1e8d0f5da4b57b0c118b8baaf4_JC.exe
Size

1.3MB
MD5

8dc4d47edc12284f73125302b69c6f5f
SHA1

d167e6c6b3c91f992df02fdc92e6af06ecd18d21
SHA256

4dcd1cb424e260cab1d5cb25b4fb41889f3baa1e8d0f5da4b57b0c118b8baaf4
SHA512

0d43ff931c049e3a277132b5b45f2f54c270f878c1577ac00e67ce3e30d0a50cc4b13a6eadd5d8d245c6297b9dc91d00f03edf378f6dd2bf4f8c5e409e76d6a4
SSDEEP

24576:GxLByKKSIDWMoY+DJMUOyaPRNBO5GyDvk5Yq2hFTZ4:qF5Icdn5G6vk6FC

Score

10^/10

Family

cobaltstrike

http://lan.iloveu.top:8019/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\4dcd1cb424e260cab1d5cb25b4fb41889f3baa1e8d0f5da4b57b0c118b8baaf4_JC.exe
"C:\Users\Admin\AppData\Local\Temp\4dcd1cb424e260cab1d5cb25b4fb41889f3baa1e8d0f5da4b57b0c118b8baaf4_JC.exe"
1⤵
PID:2132

memory/2132-0-0x00000227B31B0000-0x00000227B31B1000-memory.dmp

Filesize
4KB

Download