Analysis
-
max time kernel
149s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system -
submitted
24/02/2024, 11:33
Static task
static1
Behavioral task
behavioral1
Sample
57ce94ee6cc55399a360f3212b39024a9b902e1d9f37293003e6b76ce50d309b.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
57ce94ee6cc55399a360f3212b39024a9b902e1d9f37293003e6b76ce50d309b.exe
Resource
win10v2004-20240221-en
General
-
Target
57ce94ee6cc55399a360f3212b39024a9b902e1d9f37293003e6b76ce50d309b.exe
-
Size
1.3MB
-
MD5
bd475142a1f81965f7ed0520eb71529e
-
SHA1
051d038461aa3bf93924bf17ec9aeb0de4f5069f
-
SHA256
57ce94ee6cc55399a360f3212b39024a9b902e1d9f37293003e6b76ce50d309b
-
SHA512
bb634d980fe0abc0b54155a8fe6da414d9543c3cb46d45a6ef131dc7c98961c7ea81be04946e6a186e8fe5e9f3e2211c442d9d916d7e63f1bed5285b13c0638a
-
SSDEEP
24576:ShHzf7g681+NZIQWTtesoVg7exdEbnSeMlyExcD630+mT2B:ovg6Vf/sSeYyvDk0+mT2B
Malware Config
Extracted
cobaltstrike
http://192.168.137.3:80/frCB
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.