Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24/02/2024, 14:36
Static task
static1
Behavioral task
behavioral1
Sample
a41465af0de8ca8e7a95a32df24a357e19d78e791a6fdea54eff7f496f63e1a6.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a41465af0de8ca8e7a95a32df24a357e19d78e791a6fdea54eff7f496f63e1a6.exe
Resource
win10v2004-20240221-en
General
-
Target
a41465af0de8ca8e7a95a32df24a357e19d78e791a6fdea54eff7f496f63e1a6.exe
-
Size
2.5MB
-
MD5
2d1f44c4be6b7751f3871edb0e779ac7
-
SHA1
613c8306924f258c1592369514266c3152d3e607
-
SHA256
a41465af0de8ca8e7a95a32df24a357e19d78e791a6fdea54eff7f496f63e1a6
-
SHA512
6304cb9fb428a1b26b3620480877e7e7f98f61427dfb1a53582b7ebbd36a7a6c13275facd7e2b7df6c8756c3f1079d0c735975deb5d4c83eecc1a1ec5222e1a1
-
SSDEEP
49152:QqjZjlHjBwhjJijgzPPk/KH8JPKWZmUj3tFj7:vLDgznkyH8hKAmw
Malware Config
Extracted
cobaltstrike
http://192.168.137.3:80/frCB
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.