Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24/02/2024, 12:37
Static task
static1
Behavioral task
behavioral1
Sample
dae09b580591d106399be72a121e233f0837dfcd2fc3b3b11a40d616aee83007.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
dae09b580591d106399be72a121e233f0837dfcd2fc3b3b11a40d616aee83007.exe
Resource
win10v2004-20240221-en
General
-
Target
dae09b580591d106399be72a121e233f0837dfcd2fc3b3b11a40d616aee83007.exe
-
Size
1.5MB
-
MD5
e8479a5cfb6b50cdb0e7e5f9666fe76b
-
SHA1
1b8201cd3f3f34117a7edfd039df8f25057065ae
-
SHA256
dae09b580591d106399be72a121e233f0837dfcd2fc3b3b11a40d616aee83007
-
SHA512
fec83e795300292746b5417b00c2c48077864983c83e7820d3a07700a96dbf9737eb0074bf93396f47f36485c152473c9a1f31d70944c8abb83376fc292f5e4a
-
SSDEEP
24576:moisUimsEli+NZIVF5hNlw1tbflnKBVsxuxgzki97H:49ims6fWhY7bpU+xuwki97
Malware Config
Extracted
cobaltstrike
http://192.168.137.3:80/frCB
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.