Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
25/02/2024, 01:32
Static task
static1
Behavioral task
behavioral1
Sample
a103eeda0112ef835c94083951e7a50489388a43ab66ac840e3ff9ff9b7c3370.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a103eeda0112ef835c94083951e7a50489388a43ab66ac840e3ff9ff9b7c3370.exe
Resource
win10v2004-20240221-en
General
-
Target
a103eeda0112ef835c94083951e7a50489388a43ab66ac840e3ff9ff9b7c3370.exe
-
Size
19KB
-
MD5
2ccbd350bf063244ec202ce02417d9d2
-
SHA1
56d8405678a38fedab618915c0acc15e3446fef3
-
SHA256
a103eeda0112ef835c94083951e7a50489388a43ab66ac840e3ff9ff9b7c3370
-
SHA512
d6bd386fcc87f360151d2d7cefda8132cbcf09bbeec6947938ef6cee7e65ec763c522f8b237951e274e5dd9b8bde0dde05c216876bbe35bd260752ff0e2a5e9a
-
SSDEEP
192:FV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2kAvr+AOLWF8qa1Dojjgi:nqaCF31cix+Dc4zjovr+APFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.200.132:443/N2no
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP08; MAAU; NP08)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.