Analysis
max time kernel: 148s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240412-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
submitted: 17-04-2024 00:12
Static task: static1

Behavioral task: behavioral1
Sample: df23ee1ad49ade8d6b932c4a15275ab331ae8cd66a69e813b561d8e5a36cb51c.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: df23ee1ad49ade8d6b932c4a15275ab331ae8cd66a69e813b561d8e5a36cb51c.exe
Resource: win10v2004-20240412-en
General
Target: df23ee1ad49ade8d6b932c4a15275ab331ae8cd66a69e813b561d8e5a36cb51c.exe
Size: 19KB
MD5: 72e9371723872e9a603ab29da71e4871
SHA1: f916f23b9f65e4b1401c827c06f264fa8cc334b5
SHA256: df23ee1ad49ade8d6b932c4a15275ab331ae8cd66a69e813b561d8e5a36cb51c
SHA512: 673e16ea0db221b35c06fcebc50f440e33c0da53d55d8ac4bbf4ea14d7b0b676f502c262ab760591c976a87ecb1f3ab474265f41ff374f87c474bd7ba0b139f1
SSDEEP: 192:SV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JodxZPWWF8qa1Dojjgi:cqaCF31cix+Dc4zjxHFFF46gi
Malware Config
Extracted
cobaltstrike
http://122.51.81.205:60072/i8cY
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)

Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.