Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system -
submitted
31-03-2024 20:58
Static task
static1
Behavioral task
behavioral1
Sample
f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a.exe
Resource
win10v2004-20240226-en
General
-
Target
f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a.exe
-
Size
19KB
-
MD5
74500f1ceec00aa57e42b0610fbfa218
-
SHA1
ec9091d51a86a59928f0e69e2398dc95e2cd4705
-
SHA256
f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a
-
SHA512
0ce9fa6bb3cbd48e9aa4be336b86c551021810a9f029a4a2d726204c71aa9fedffbda67e060d91b8af3f2eb12bb9b734d625676c5af594cb39fcb4f825d50863
-
SSDEEP
192:NV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2cwTs/+OzB96WF8qa1Dojjgi:/qaCF31cix+Dc4zjMs/+OzB9jFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.1.143:80/VxBM
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASP)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.