cobaltstrike | aadad88ad19f229bb3bc1874683f71040c5be361a25fa725662017573bbcf543

Analysis

max time kernel
151s
max time network
158s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09/04/2024, 10:14

Target

aadad88ad19f229bb3bc1874683f71040c5be361a25fa725662017573bbcf543.exe
Size

19KB
MD5

bf665f9074f994935022867a2c452935
SHA1

c934391f7b75a9a4ce3adfda384fbad00341bc0b
SHA256

aadad88ad19f229bb3bc1874683f71040c5be361a25fa725662017573bbcf543
SHA512

089b76cf5c89314476482ab64a338905c1bd4630e6a2ff2e5054b32f045247830386d1b8b85591b1df3b8dd38634ac7891712aac1333dbcd15debedf6e89e92a
SSDEEP

192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2uQeuWF8qa1Dojjgi:5qaCF31cix+Dc4zjnnFF46gi

Score

10^/10

Family

cobaltstrike

http://47.98.247.113:9999/fBBs

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) LBBROWSER

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\aadad88ad19f229bb3bc1874683f71040c5be361a25fa725662017573bbcf543.exe
"C:\Users\Admin\AppData\Local\Temp\aadad88ad19f229bb3bc1874683f71040c5be361a25fa725662017573bbcf543.exe"
1⤵
PID:916

memory/916-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/916-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download