cobaltstrike | 3a2da242a677435eec2daff6322d1a40eba0e6f487172d303f7a6d22a1a1983b

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231025-en
resource tags

arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
submitted
03-11-2023 15:41

Target

3a2da242a677435eec2daff6322d1a40eba0e6f487172d303f7a6d22a1a1983b.exe
Size

12KB
MD5

be8dfc7c9d3439a5b2a9aee2a34c8cc5
SHA1

bc816d9c024bd2d6d2c40bd29faa22d963ff8d01
SHA256

3a2da242a677435eec2daff6322d1a40eba0e6f487172d303f7a6d22a1a1983b
SHA512

a46dfdd660fc240918f17cf6f9fa1c54a5ac9969ad138de4eecc7983492ccbfc859d116f56389ba05e5a65bf3723dd2f8e9335482fac4cceca5d20d8ec9ad57e
SSDEEP

192:1P6QmX0sQPhe2SoxgktUJj5kEY0Hqe3G/W5tfBD:QXDQPhUox3UJdY0RG/

Score

10^/10

Family

cobaltstrike

http://192.168.111.10:1111/VZ6w

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM; MANM)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\3a2da242a677435eec2daff6322d1a40eba0e6f487172d303f7a6d22a1a1983b.exe
"C:\Users\Admin\AppData\Local\Temp\3a2da242a677435eec2daff6322d1a40eba0e6f487172d303f7a6d22a1a1983b.exe"
1⤵
PID:2468

memory/2468-0-0x0000017CB71E0000-0x0000017CB71E1000-memory.dmp

Filesize
4KB

Download