Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    24/02/2024, 11:36

General

  • Target

    31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8.exe

  • Size

    19KB

  • MD5

    c09274f0cbb2cc5ee1656140e9cee776

  • SHA1

    fe065babf6cd83adbfadc3f0c3b7a0337595dc79

  • SHA256

    31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8

  • SHA512

    de1c4d8aa79e372a108d028880e5f9db419ed99e585a209ed8414be72c1546a0016abb188789ffba8a4d9f27d73052ee05e58f12586c76864ae6f45c4b7bbea8

  • SSDEEP

    192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ebl0WF8qa1Dojjgi:HqaCF31cix+Dc4zjLPFF46gi

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.209:80/IBzX

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; qdesk 2.4.1263.203; Windows NT 6.1; WOW64; Trident/5.0)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8.exe
    "C:\Users\Admin\AppData\Local\Temp\31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8.exe"
      PID:2124

    Network

          MITRE ATT&CK Matrix

          Downloads

          • memory/2124-0-0x0000000000020000-0x0000000000021000-memory.dmp

            Filesize

            4KB

          • memory/2124-1-0x0000000000400000-0x000000000040C000-memory.dmp

            Filesize

            48KB