Analysis
max time kernel: 117s
max time network: 122s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 25/02/2024, 07:33
Behavioral task: behavioral1
Sample: b05473c841391ccb2032655a864088e714df2c2e01c837939ad16a6d23c3c387.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b05473c841391ccb2032655a864088e714df2c2e01c837939ad16a6d23c3c387.exe
Resource: win10v2004-20240221-en
General
Target: b05473c841391ccb2032655a864088e714df2c2e01c837939ad16a6d23c3c387.exe
Size: 1.1MB
MD5: 174024b899474ad2c46d64a50df4f6be
SHA1: deffa7948a97a1f3e4ae6e8024e445968668d17f
SHA256: b05473c841391ccb2032655a864088e714df2c2e01c837939ad16a6d23c3c387
SHA512: ff46ec74107cbda7b5178f7542ac2fd315e06b67df679d0698e98f3b0c7ba220a00b77a5edcb0ba330e7c3f43a854a00cdbf9cdce778cecd8a7862e98fababcc
SSDEEP: 12288:I27q8BViDLj2nIccHu+Tc/gvpQW7GzBI2Xf/7Vh:IHl/2ngBc8p3uF3Jh
Malware Config
Extracted
cobaltstrike
http://update.office-oa.org:8443/api/2
user_agent: Host: update.office-oa.org User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MALC)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.