cobaltstrike | 960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff

Analysis

max time kernel
149s
max time network
154s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
06-03-2024 06:33

Target

960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff.exe
Size

2.2MB
MD5

16c331d7472060d7b606109d7e6b2d86
SHA1

c99580d7963fc1981de10b7884478defa88cf1b6
SHA256

960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff
SHA512

ec0f66ea78a62a21261b4263dc4c2835a1cb25ede37a892b1c5fe0b931a308b355d180acabcabc510316f6a219eb2c68f368d44be789460c9d197b762806c430
SSDEEP

49152:uTyuGyYJckACdlwXWCRTOl9Oj8genrg+D1:iGMmbIw

Score

10^/10

Family

cobaltstrike

http://39.100.116.157:80/Rua5

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff.exe
"C:\Users\Admin\AppData\Local\Temp\960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff.exe"
1⤵
PID:2872

memory/2872-0-0x0000000029520000-0x0000000029521000-memory.dmp

Filesize
4KB

Download