cobaltstrike | 6dd8285d3137cc7aca2751b0c59beef27b891b87708eb18a03c71c09fee1feab

Analysis

max time kernel
150s
max time network
184s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 11:29

Target

6dd8285d3137cc7aca2751b0c59beef27b891b87708eb18a03c71c09fee1feab.exe
Size

19KB
MD5

7ff7a7e8ae51d8aebb8ca5c8f4c093e3
SHA1

545a54c7e0b04e963759b113ac141316fd677ec1
SHA256

6dd8285d3137cc7aca2751b0c59beef27b891b87708eb18a03c71c09fee1feab
SHA512

412b7294928b879f5abbab2a7ed07d41cdae62a4aef90dde97376569bced7d9c1490d3cd7a5b7f36add7d1ec6e3f371cffe667e8ae029a252558eb57e2c87add
SSDEEP

192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2J5RyWF8qa1Dojjgi:3qaCF31cix+Dc4zjq5JFF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.199.128:8888/NOmS

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\6dd8285d3137cc7aca2751b0c59beef27b891b87708eb18a03c71c09fee1feab.exe
"C:\Users\Admin\AppData\Local\Temp\6dd8285d3137cc7aca2751b0c59beef27b891b87708eb18a03c71c09fee1feab.exe"
1⤵
PID:2184

memory/2184-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2184-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download