Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
31-03-2024 10:01
Static task
static1
Behavioral task
behavioral1
Sample
d0f34ff48544cc6d24362f2442c9aabac441f6437cfd03a65ae74bc80f19cb5c.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d0f34ff48544cc6d24362f2442c9aabac441f6437cfd03a65ae74bc80f19cb5c.exe
Resource
win10v2004-20240226-en
General
-
Target
d0f34ff48544cc6d24362f2442c9aabac441f6437cfd03a65ae74bc80f19cb5c.exe
-
Size
19KB
-
MD5
fbb1218b74a8cf1d1dff09ae6bd3fe59
-
SHA1
237c869605d95818a8c7d644fb2c09b46b322fc1
-
SHA256
d0f34ff48544cc6d24362f2442c9aabac441f6437cfd03a65ae74bc80f19cb5c
-
SHA512
bdb5830ca4796d9f422ab40b3009abd18762aa5bb195d6f329ccdd8cac022bf61a0654bbd3736ab563032b8e22d2bae2274a8d64630ee15ad4a0fd4c6ee78b87
-
SSDEEP
192:9V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JeDHPwhVbWF8qa1Dojjgi:vqaCF31cix+Dc4zjDeViFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.136.129:23456/hCOc
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) LBBROWSER
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.