cobaltstrike | 33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8

Analysis

max time kernel
147s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20231127-en
resource tags

arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
submitted
11/12/2023, 20:56

Target

33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8.exe
Size

1.3MB
MD5

4b065f19e8759bae1953802946648909
SHA1

919f1160b0784dec1ae9d624e3f6e46d50698d9a
SHA256

33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8
SHA512

b12dcda179202567da486119dca08a7d856610a2bbba58ec4ae8e208a05ac8812e2886dbb55e9a4e916a3240a5eee9d7994e172b8a2809ca823d0f2c68c49494
SSDEEP

24576:3Igm87ypUwuKbn1+NZIQoj1aPRMgia2T90iVWjkKybTs5i:zmVpUwuBfNL2T+TIhTs

Score

10^/10

Family

cobaltstrike

http://www.emohack.xyz:8443/components/oaSDOSAHD.gif

Attributes

user_agent
Host: www.emohack.xyz Connection: close Accept-Encoding: gzip, br User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8.exe
"C:\Users\Admin\AppData\Local\Temp\33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8.exe"
1⤵
PID:4492

memory/4492-0-0x0000028EEA3A0000-0x0000028EEA3A1000-memory.dmp

Filesize
4KB

Download
memory/4492-1-0x0000028EF12E0000-0x0000028EF16E0000-memory.dmp

Filesize
4.0MB

Download
memory/4492-2-0x0000028EF12E0000-0x0000028EF16E0000-memory.dmp

Filesize
4.0MB

Download