Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
16-04-2024 06:11
Static task
static1
Behavioral task
behavioral1
Sample
ac5a63e5ca5b8f4ff27d0a51e4f04412db67625edf51736c04b8a226e34d3169.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ac5a63e5ca5b8f4ff27d0a51e4f04412db67625edf51736c04b8a226e34d3169.exe
Resource
win10v2004-20240412-en
General
-
Target
ac5a63e5ca5b8f4ff27d0a51e4f04412db67625edf51736c04b8a226e34d3169.exe
-
Size
574KB
-
MD5
e5b218c50dfc3d9f9144d1cdd130e939
-
SHA1
cc9001257e6b040bbd20db0c2ed358963ed9ecdd
-
SHA256
ac5a63e5ca5b8f4ff27d0a51e4f04412db67625edf51736c04b8a226e34d3169
-
SHA512
8d4961db79de8057cd87fdc71125fa9ebc9810af973f33a0ecc11125839c05483d98c2ddf36085a712d1df9d0e84dfd9300ba91103e50a45fee625ee69a224ca
-
SSDEEP
12288:ETIrHMtPFTt8dBHNVwk3Ta77Hp0fWAUmBsmhNDMvYFLXqoTK:GG6FTt+9bMvYFLXqoTK
Malware Config
Extracted
cobaltstrike
http://47.109.102.98:443/RWpD
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.