Analysis
max time kernel: 142s
max time network: 143s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 31-03-2024 01:58
Static task: static1
Behavioral task: behavioral1
Sample: 08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92.exe
Resource: win10v2004-20240226-en
General
Target: 08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92.exe
Size: 19KB
MD5: b53ac4483ca127fe055be1f8a46e5c9d
SHA1: ca5eb2e158754fcc2f7670a9f15e5779794c0377
SHA256: 08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92
SHA512: 3c17b839dd3abb1d7c6c95a5cace5205ac46810df1602cf4ad9417a7b6c9a982f245cd6b41ab15470e0e62d3f5a945a1d00ade6d31652cd159829b54182a94ef
SSDEEP: 192:SV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2e9NaqiAw6WF8qa1Dojjgi:cqaCF31cix+Dc4zj5XwjFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.2.81:8888/K5it
user_agent: User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.