Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    05/03/2024, 20:23

General

  • Target

    b594afc619b7f19b04c125b093ddb099.exe

  • Size

    2.5MB

  • MD5

    b594afc619b7f19b04c125b093ddb099

  • SHA1

    1e151a99c1b3e8f66f70e0174b957cc687c79984

  • SHA256

    b4cfc49d647ebeffb99579dbd4be2a4ca779e3d36b60656aaa9d616ac343e991

  • SHA512

    4391d5a29a17d47d12b8f297577a5f6a9cb653b41265b81ee596d9eb64f2dccdb7fd176318e06eb8d7282524ba31eb78fde4909035e947ef8042d3dbe0f85ade

  • SSDEEP

    24576:lR5N5YQjiT5MEiIoSFfxnqq+/BIBRo/OWhUpH/f0HLa8q16:dH1jMJiIoMJnqq+/BIztx8He8q1

Malware Config

Extracted

Family

cobaltstrike

C2

http://122.9.157.122:800/yz73

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; qdesk 2.4.1263.203; Windows NT 6.1; WOW64; Trident/5.0)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\b594afc619b7f19b04c125b093ddb099.exe
    "C:\Users\Admin\AppData\Local\Temp\b594afc619b7f19b04c125b093ddb099.exe"
    1⤵
      PID:2496

    Network

          MITRE ATT&CK Matrix

          Downloads

          • memory/2496-0-0x000002F9AA6F0000-0x000002F9AA6F1000-memory.dmp

            Filesize

            4KB