Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
15-04-2024 21:07
Static task
static1
Behavioral task
behavioral1
Sample
d477d9fdfd2da88396a21f277c066635d34c6ed17c570b740364d7e04d3618eb.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d477d9fdfd2da88396a21f277c066635d34c6ed17c570b740364d7e04d3618eb.exe
Resource
win10v2004-20240412-en
General
-
Target
d477d9fdfd2da88396a21f277c066635d34c6ed17c570b740364d7e04d3618eb.exe
-
Size
19KB
-
MD5
85ca4c24b93dde56321e62ce71aa8bb2
-
SHA1
4eab75f775686e0bc73227158a1efa432aa462e9
-
SHA256
d477d9fdfd2da88396a21f277c066635d34c6ed17c570b740364d7e04d3618eb
-
SHA512
135775dab2dd24b345e33ac6a026e72d8b37b63a2f4156921c8995dd5e1cf2a8219571f29de4ded832d4d4cc8a6235449f962e797065ad6094ba1b622eb5aec6
-
SSDEEP
384:gShgeVblV1rnScK6E6fRzt6uJwN4bjaXNCRSYWYMkW3U:gS5zffat4/RdWYnW3
Malware Config
Extracted
cobaltstrike
http://43.142.193.86:80/sIp1
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENUSMSE)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.