Analysis
max time kernel: 150s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
submitted: 05/03/2024, 11:37
Static task: static1
Behavioral task: behavioral1
Sample: dbe956ebb0af21c6ddb08047560a19844a471db7c7c7685ebe2ab0e641922569.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: dbe956ebb0af21c6ddb08047560a19844a471db7c7c7685ebe2ab0e641922569.exe
Resource: win10v2004-20240226-en
General
Target: dbe956ebb0af21c6ddb08047560a19844a471db7c7c7685ebe2ab0e641922569.exe
Size: 19KB
MD5: 6cb34ef03028764320afd714a8e67c06
SHA1: 227af07f4b97e8332f3056be217f4c6dcbe52dfc
SHA256: dbe956ebb0af21c6ddb08047560a19844a471db7c7c7685ebe2ab0e641922569
SHA512: ae07f886a40c52c3093b2033a1dc81007610c1ac17bac62e7c848aae36c6e88a39399fc053317117eb6eec688fce4fda55fc0e2edc1ab87b406ecff04cce119e
SSDEEP: 192:kV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2NJaWF8qa1Dojjgi:WqaCF31cix+Dc4zjQFF46gi
Malware Config
Extracted: cobaltstrike
http://43.136.71.208:45961/manage/login.jpg
user_agent: Host: www.micros0fti.com Accept: */* Accept-Language: en Connection: close User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.136
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.