Analysis
max time kernel: 148s
max time network: 149s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
submitted: 29-03-2024 10:01
Static task: static1
Behavioral task: behavioral1
Sample: 22b8933dc9390f55be28d127da868f1b727e939cbf1019f3e8f999be06bb5ba9.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 22b8933dc9390f55be28d127da868f1b727e939cbf1019f3e8f999be06bb5ba9.exe
Resource: win10v2004-20240226-en
General
Target: 22b8933dc9390f55be28d127da868f1b727e939cbf1019f3e8f999be06bb5ba9.exe
Size: 19KB
MD5: c4bec176ec669dafccc8fcd05d64ebd7
SHA1: 35e59e6b7414bd349cd753dcfa9d0bd4080175cc
SHA256: 22b8933dc9390f55be28d127da868f1b727e939cbf1019f3e8f999be06bb5ba9
SHA512: ac5c0e8d1df4e9d976fc415ae9ca45b1647a99c16a5f04206f3a13755f8a983c558b60c94f3d2626930db95a2d0e28a0aef3417296a99b9754803b4bd2c0b473
SSDEEP: 192:UV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PICeVXySYBWF8qa1Dojjgi:GqaCF31cix+Dc4zj1vVXySY8FF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.106.163:80/eEBq
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.