cobaltstrike | eea958f3ec3c6a3f5fdca8bae65df1cec0be242ad2438a886e334c87df364e91

Analysis

max time kernel
148s
max time network
154s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
26-11-2023 12:01

Target

eea958f3ec3c6a3f5fdca8bae65df1cec0be242ad2438a886e334c87df364e91.exe
Size

1.4MB
MD5

71b13dc6e9698429259d7b9d5ee3cff8
SHA1

9b9a8ac5e61ff00bf315801df83cdd2ad45b8582
SHA256

eea958f3ec3c6a3f5fdca8bae65df1cec0be242ad2438a886e334c87df364e91
SHA512

607a97a1f72a6b4020270f272cfcc89cf81880245ac34a5a08242ff008cdcae13e04920a3d661bc594a0cecede370293ebb94b679bdd6e74d3df0fb7e01c646e
SSDEEP

24576:aOy2W9SHU3YrS2+C+W7RzWDfTbgxuqWre3npD1:aOyOiYrS2+C50gxuzeXpD1

Score

10^/10

Family

cobaltstrike

http://121.196.198.98:8089/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\eea958f3ec3c6a3f5fdca8bae65df1cec0be242ad2438a886e334c87df364e91.exe
"C:\Users\Admin\AppData\Local\Temp\eea958f3ec3c6a3f5fdca8bae65df1cec0be242ad2438a886e334c87df364e91.exe"
1⤵
PID:2184

memory/2184-0-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download