cobaltstrike | 1e19c8551d1f51f1c73876eb03b183d19362bef32ce9c6272da0c6774ab8ddd0

Analysis

max time kernel
139s
max time network
141s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 13:26

Target

1e19c8551d1f51f1c73876eb03b183d19362bef32ce9c6272da0c6774ab8ddd0.exe
Size

41KB
MD5

3c32aee062fc22445ff748913358693b
SHA1

70166713cceb1c776787ad5f8a6081df53f66730
SHA256

1e19c8551d1f51f1c73876eb03b183d19362bef32ce9c6272da0c6774ab8ddd0
SHA512

da203503cd10da8e81809fde34be8a1751aeb23b424ba6ba093b85e2f27b2cf7d61d2c53fa80e73c434bf54a6bd1504f42516a36904ad1e43b673e0d8e5071cd
SSDEEP

768:rBOZpWVJUNNua3RsFTcuvwpw49G7DetPG3AHFJQUdW:kQJUjua3y9wS49G7SnQUd

Score

10^/10

Family

cobaltstrike

http://45.144.137.45:44365/bootstrap.js

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\1e19c8551d1f51f1c73876eb03b183d19362bef32ce9c6272da0c6774ab8ddd0.exe
"C:\Users\Admin\AppData\Local\Temp\1e19c8551d1f51f1c73876eb03b183d19362bef32ce9c6272da0c6774ab8ddd0.exe"
1⤵
PID:3068

memory/3068-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/3068-1-0x000000013F120000-0x000000013F131000-memory.dmp

Filesize
68KB

Download