Analysis
max time kernel: 148s
max time network: 150s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 05/03/2024, 17:32
Static task: static1
Behavioral task: behavioral1
Sample: 7c65c7c8f024d4853055f2c5dba953b14fd2ea3991f329eef78ea2808be10cd4.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7c65c7c8f024d4853055f2c5dba953b14fd2ea3991f329eef78ea2808be10cd4.exe
Resource: win10v2004-20240226-en
General
Target: 7c65c7c8f024d4853055f2c5dba953b14fd2ea3991f329eef78ea2808be10cd4.exe
Size: 19KB
MD5: 4607effcabd1fd65b8c3b4cf046274a8
SHA1: bcd722846c6814082be2255c93d55cf0d6922ead
SHA256: 7c65c7c8f024d4853055f2c5dba953b14fd2ea3991f329eef78ea2808be10cd4
SHA512: ac624367dbe8c8e000414a24f360a6720113917ba00f97bf7ad823c665ecb99e416ebca1e73b34ee26dfe7124deb20fc600ddbdc2e987107e2fba88bfd116718
SSDEEP: 192:7V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JkV4tJpEWF8qa1Dojjgi:VqaCF31cix+Dc4zjStBFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.116.172:443/I1qr
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.