cobaltstrike | 2f84659a6eb4b190c70656766250042961cebabb22023e238dd7e216840940f5

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/01/2024, 03:33

Target

2f84659a6eb4b190c70656766250042961cebabb22023e238dd7e216840940f5.exe
Size

3.6MB
MD5

481bbf098224519278234ca900ee3b38
SHA1

ee52fa3f1e1149d8938cd73ee1b61cf56f1ee1f1
SHA256

2f84659a6eb4b190c70656766250042961cebabb22023e238dd7e216840940f5
SHA512

c5727829ef76f0d33aa9133d573612abe7c538b3317b8f06a219efad5a89e7881a28990a6775461ad9ea03f8c726dab25da6c3c685cd2b6f01021e4483335c2a
SSDEEP

49152:BBMpAWQkj4nyi+8XrjT5E8vdCh4rxAfJEHC31I:B2WWnNi+8XFEzKW31I

Score

10^/10

Family

cobaltstrike

http://192.168.232.131:6060/sj9G

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MAM2)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\2f84659a6eb4b190c70656766250042961cebabb22023e238dd7e216840940f5.exe
"C:\Users\Admin\AppData\Local\Temp\2f84659a6eb4b190c70656766250042961cebabb22023e238dd7e216840940f5.exe"
1⤵
PID:896

memory/896-0-0x000002576E0C0000-0x000002576E0C1000-memory.dmp

Filesize
4KB

Download