cobaltstrike | 34afeb5565029cb283e7b21ca5e7f36ecc128167719ac2942f918bf534fb9a5e

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
15-01-2024 03:30

Target

34afeb5565029cb283e7b21ca5e7f36ecc128167719ac2942f918bf534fb9a5e.exe
Size

19KB
MD5

97f8a468d1510454500d6cb1165e65f5
SHA1

1d5e35185c209c40e75275dcc06a3520cea16ed1
SHA256

34afeb5565029cb283e7b21ca5e7f36ecc128167719ac2942f918bf534fb9a5e
SHA512

d0987ea3bbe299bb781fe2150ad4bbdb5ffc885379708b114c81630610b683c302ef7a5c18ec574566da2b9cb22179a8936b861a5918bf2baa8a1ac66bf9e44b
SSDEEP

192:tV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2gDJa4WF8qa1Dojjgi:fqaCF31cix+Dc4zjlMNFF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.10.131:80/3Ohs

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; Avant Browser)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\34afeb5565029cb283e7b21ca5e7f36ecc128167719ac2942f918bf534fb9a5e.exe
"C:\Users\Admin\AppData\Local\Temp\34afeb5565029cb283e7b21ca5e7f36ecc128167719ac2942f918bf534fb9a5e.exe"
1⤵
PID:3628

memory/3628-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/3628-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download