cobaltstrike | 59250c4214e594fbc9ed90eec2606516649a2c8dcf3ddb13fd67ba1ab5fbee0e

Analysis

max time kernel
144s
max time network
111s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
09/01/2024, 12:09

Target

59250c4214e594fbc9ed90eec2606516649a2c8dcf3ddb13fd67ba1ab5fbee0e.exe
Size

1.7MB
MD5

f58a69044c9efd12b91a3180562952e0
SHA1

dad85e70b022a5388f3df97dd9357bd955e3e6d1
SHA256

59250c4214e594fbc9ed90eec2606516649a2c8dcf3ddb13fd67ba1ab5fbee0e
SHA512

21f989bb9d1d0e0f69de90e04e5325b6ed87c3d90903d0771d646b80c457edea8a25f1c87bbdcc1c3d4a36c3df88e66ae099e74e94aaea53b1e947e64bd61237
SSDEEP

12288:eslIJwRUfoyKTZOD10nxQGpY1naDLtIMHY2gOHxBwQfX7irSyhg4K+FxvlDh1:OJsooyYZQ10nxLv42gixtxyssvz1

Score

10^/10

Family

cobaltstrike

http://47.105.69.34:8000/lRRM

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; QQDownload 733; InfoPath.2)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\59250c4214e594fbc9ed90eec2606516649a2c8dcf3ddb13fd67ba1ab5fbee0e.exe
"C:\Users\Admin\AppData\Local\Temp\59250c4214e594fbc9ed90eec2606516649a2c8dcf3ddb13fd67ba1ab5fbee0e.exe"
1⤵
PID:3036

memory/3036-0-0x00000255CAC00000-0x00000255CAC01000-memory.dmp

Filesize
4KB

Download