cobaltstrike | d03ab8361c738b1d9b0467367343ded34897dc72679cbb29f51c26fe259de5db

Analysis

max time kernel
141s
max time network
141s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
09/01/2024, 12:08

Target

d03ab8361c738b1d9b0467367343ded34897dc72679cbb29f51c26fe259de5db.exe
Size

2.3MB
MD5

7911a872b949885175a4b2d8c137a17c
SHA1

847efa24ef7cbf01d445dffde34ea5cd1cde16fe
SHA256

d03ab8361c738b1d9b0467367343ded34897dc72679cbb29f51c26fe259de5db
SHA512

8b2502b06695d9ce2466af235f15117d4e3ffc21585c0c92c5fe0b2d8055d79fc99629497849d3f0239dc248fd064669b387a77d41e37d43daa0ef51bc5d33e7
SSDEEP

24576:aJsooyYZQ10nxLv42gixtxys1vz1mk5vj3UZzFvm6n:aJsohYZQ1ixjgix/nvz1jJj3UZRe6n

Score

10^/10

Family

cobaltstrike

http://47.105.69.34:8000/lRRM

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; QQDownload 733; InfoPath.2)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\d03ab8361c738b1d9b0467367343ded34897dc72679cbb29f51c26fe259de5db.exe
"C:\Users\Admin\AppData\Local\Temp\d03ab8361c738b1d9b0467367343ded34897dc72679cbb29f51c26fe259de5db.exe"
1⤵
PID:2244

memory/2244-0-0x0000000028700000-0x0000000028701000-memory.dmp

Filesize
4KB

Download