Analysis
max time kernel: 148s
max time network: 152s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 05/03/2024, 20:23
Static task: static1
Behavioral task: behavioral1
  Sample: b594afc619b7f19b04c125b093ddb099.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b594afc619b7f19b04c125b093ddb099.exe
  Resource: win10v2004-20240226-en
General
Target: b594afc619b7f19b04c125b093ddb099.exe
Size: 2.5MB
MD5: b594afc619b7f19b04c125b093ddb099
SHA1: 1e151a99c1b3e8f66f70e0174b957cc687c79984
SHA256: b4cfc49d647ebeffb99579dbd4be2a4ca779e3d36b60656aaa9d616ac343e991
SHA512: 4391d5a29a17d47d12b8f297577a5f6a9cb653b41265b81ee596d9eb64f2dccdb7fd176318e06eb8d7282524ba31eb78fde4909035e947ef8042d3dbe0f85ade
SSDEEP: 24576:lR5N5YQjiT5MEiIoSFfxnqq+/BIBRo/OWhUpH/f0HLa8q16:dH1jMJiIoMJnqq+/BIztx8He8q1
Malware Config
Extracted: cobaltstrike
http://122.9.157.122:800/yz73
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; qdesk 2.4.1263.203; Windows NT 6.1; WOW64; Trident/5.0)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.