Analysis
-
max time kernel
148s -
max time network
148s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
30-03-2024 10:04
Static task
static1
Behavioral task
behavioral1
Sample
5ce64578ce20468e884be3b05672cfc8ead6b6e0d884d6e6c44d879c1c2358b7.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
5ce64578ce20468e884be3b05672cfc8ead6b6e0d884d6e6c44d879c1c2358b7.exe
Resource
win10v2004-20240226-en
General
-
Target
5ce64578ce20468e884be3b05672cfc8ead6b6e0d884d6e6c44d879c1c2358b7.exe
-
Size
19KB
-
MD5
7d4de391a016e6e73f223639f03d8410
-
SHA1
0921c9454a7e5206d72abb8b99766375d857fa61
-
SHA256
5ce64578ce20468e884be3b05672cfc8ead6b6e0d884d6e6c44d879c1c2358b7
-
SHA512
eafe98fd4ceba4ef1a640d4664e510970917081848bdab27cb8e732bff8de1ab17da88d637b04023f916dd7763b9696bccffccaf7f3fd1333e7ec190d59d7c01
-
SSDEEP
192:3V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2j7OjAWF8qa1Dojjgi:hqaCF31cix+Dc4zj87EFFF46gi
Malware Config
Extracted
cobaltstrike
http://120.55.183.201:1234/1vAu
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.