Analysis
max time kernel
148s
max time network
148s
platform
windows7_x64
resource
win7-20231129-en
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
submitted
29-03-2024 09:58
Static task
static1
Behavioral task
behavioral1
Sample
0281869b2db840cec36d8041c9726b7b0a5a06581e72a2344569898d711b639a.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0281869b2db840cec36d8041c9726b7b0a5a06581e72a2344569898d711b639a.exe
Resource
win10v2004-20240226-en
General
Target
0281869b2db840cec36d8041c9726b7b0a5a06581e72a2344569898d711b639a.exe
Size
19KB
MD5
8c380076af74263827cb5b1f25e264f1
SHA1
343ab194b434a7000e35c7ac6c46522f10a33ed8
SHA256
0281869b2db840cec36d8041c9726b7b0a5a06581e72a2344569898d711b639a
SHA512
34fb729bed6cab851b95dcb2a703bbb69e93eeaeb9faaaa1a81906b3dc91b586e603356d3cdb4850b99a4a99561cd5220d37f55653d85c9bb1055ecbe1a352d0
SSDEEP
192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2QkWWF8qa1Dojjgi:5qaCF31cix+Dc4zjnknFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.1.67:1133/9nkK
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.