Analysis
max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags
arch:x64, arch:x86, image:win10v2004-20240221-en, locale:en-us, os:windows10-2004-x64, system
submitted
24/02/2024, 11:36
Static task
static1
Behavioral task
behavioral1
Sample
31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8.exe
Resource
win10v2004-20240221-en
General
Target
31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8.exe
Size
19KB
MD5
c09274f0cbb2cc5ee1656140e9cee776
SHA1
fe065babf6cd83adbfadc3f0c3b7a0337595dc79
SHA256
31c419fb59f6471e123c4e76cd2dc9669e156b0e2224bc3a898918f38e263dd8
SHA512
de1c4d8aa79e372a108d028880e5f9db419ed99e585a209ed8414be72c1546a0016abb188789ffba8a4d9f27d73052ee05e58f12586c76864ae6f45c4b7bbea8
SSDEEP
192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ebl0WF8qa1Dojjgi:HqaCF31cix+Dc4zjLPFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.1.209:80/IBzX
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; qdesk 2.4.1263.203; Windows NT 6.1; WOW64; Trident/5.0)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.