cobaltstrike | 9bb6b4aeae05e870510fc2b0347069ed8a826e185371f0e54bee7d3b0dd54acb

Resubmissions

14/10/2023, 16:49

14/10/2023, 15:39

max time kernel
178s
max time network
189s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
14/10/2023, 15:39

Target

9bb6b4aeae05e870510fc2b0347069ed8a826e185371f0e54bee7d3b0dd54acb.exe
Size

19KB
MD5

6af1de3d6b7463d756f64ae1301c1e83
SHA1

d899bb7ec5948413581a526f32e433a7202f5069
SHA256

9bb6b4aeae05e870510fc2b0347069ed8a826e185371f0e54bee7d3b0dd54acb
SHA512

1a877c0ce3ef07ec9022af0d7cf79ff5618d7b66f5f5b086de033f0f808a98062fed376fedf645c9f6804da153bce134c9d1dc7829e1233614c0519e8de50e92
SSDEEP

192:JV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/27M9GWF8qa1Dojjgi:rqaCF31cix+Dc4zjqE3FF46gi

Score

10^/10

Family

cobaltstrike

http://123.57.28.144:8089/KQvK

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; InfoPath.3)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\9bb6b4aeae05e870510fc2b0347069ed8a826e185371f0e54bee7d3b0dd54acb.exe
"C:\Users\Admin\AppData\Local\Temp\9bb6b4aeae05e870510fc2b0347069ed8a826e185371f0e54bee7d3b0dd54acb.exe"
1⤵
PID:4796

memory/4796-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/4796-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download