Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
05/03/2024, 11:35
Static task
static1
Behavioral task
behavioral1
Sample
949b553a09710219f4cc5e536e37b7dc4c10d2bb8b9b015e411e1fee6732696f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
949b553a09710219f4cc5e536e37b7dc4c10d2bb8b9b015e411e1fee6732696f.exe
Resource
win10v2004-20240226-en
General
-
Target
949b553a09710219f4cc5e536e37b7dc4c10d2bb8b9b015e411e1fee6732696f.exe
-
Size
19KB
-
MD5
c9c9f06a7ceb4c9d768f669f35bb1431
-
SHA1
9805d85e3d22d60393f98150e9475c95489387c8
-
SHA256
949b553a09710219f4cc5e536e37b7dc4c10d2bb8b9b015e411e1fee6732696f
-
SHA512
1179253f46e0809c475d314e3244e86f4feafa23857d81c6caa641d286e2e5d2c70345a3ad56753e1db61462d81c6e2c328eef90f63e4526be08fe1d358bf679
-
SSDEEP
192:0V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2/o4jMeVWF8qa1Dojjgi:mqaCF31cix+Dc4zj6o2UFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.3.148:6666/s6dP
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.