Analysis
-
max time kernel
132s -
max time network
164s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system -
submitted
19-02-2024 00:49
Behavioral task
behavioral1
Sample
2024-02-19_6be0f834a897c1f967c46420d2c0f4bb_cobalt-strike_cobaltstrike.exe
Resource
win7-20231215-en
windows7-x64
11 signatures
150 seconds
General
-
Target
2024-02-19_6be0f834a897c1f967c46420d2c0f4bb_cobalt-strike_cobaltstrike.exe
-
Size
6.0MB
-
MD5
6be0f834a897c1f967c46420d2c0f4bb
-
SHA1
10279026995caea25255e0723cf8e710aea1de12
-
SHA256
ed556dc57b9512c525d599a50d1340d5e61cf229722ffd0c993676318f56f041
-
SHA512
b883a2e8b7166d4bea418f686173a91fbdfbf980a3e5195ee6ae70954186288e1c88cc1fb7d7c28ee410ea454c6ce05c9086d24da38a5b74b729fc1eeb654c27
-
SSDEEP
98304:EniLf9FdfE0pZB156utgpPFotBER/mQ32lU8:eOl56utgpPF8u/78
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule behavioral2/memory/2600-0-0x00007FF69D1A0000-0x00007FF69D4F4000-memory.dmp UPX -
XMRig Miner payload 1 IoCs
Processes:
resource yara_rule behavioral2/memory/2600-0-0x00007FF69D1A0000-0x00007FF69D4F4000-memory.dmp xmrig -
Processes:
resource yara_rule behavioral2/memory/2600-0-0x00007FF69D1A0000-0x00007FF69D4F4000-memory.dmp upx