Analysis
- max time kernel: 149s
- max time network: 154s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 25/02/2024, 07:35
Static task: static1
Behavioral task: behavioral1
- Sample: ba0ad26baeb8473c330b860de9246d6bc23a5a4a24f9bc78ff79b6a5e13f7f29.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: ba0ad26baeb8473c330b860de9246d6bc23a5a4a24f9bc78ff79b6a5e13f7f29.exe
- Resource: win10v2004-20240221-en
General
- Target: ba0ad26baeb8473c330b860de9246d6bc23a5a4a24f9bc78ff79b6a5e13f7f29.exe
- Size: 19KB
- MD5: 88f10744ece634dc8e3bfeb8288d8da3
- SHA1: ffcece96a423f97832e59b784d28780660029a13
- SHA256: ba0ad26baeb8473c330b860de9246d6bc23a5a4a24f9bc78ff79b6a5e13f7f29
- SHA512: 63b8ed4b27dc42a98fb09a39b6ea161e2dab83f4bfc36045d7d2590d86e9c8f1eae2aacf771ba2f1f0728562ff499a7d15972985483cccb4e7b655257dd4c048
- SSDEEP: 192:GV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2c796NUmWF8qa1Dojjgi:gqaCF31cix+Dc4zjbwMFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.157.130:6666/OOGx
- user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2)
Signatures
- Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.