Analysis
-
max time kernel
93s -
max time network
113s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
17-04-2024 00:12
Static task
static1
Behavioral task
behavioral1
Sample
b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249.exe
Resource
win10v2004-20240412-en
General
-
Target
b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249.exe
-
Size
19KB
-
MD5
abf9411eb9f27586135c2b8045ab3e7a
-
SHA1
3e55be103701d90d7509275f2a2f3cae6c305a5b
-
SHA256
b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249
-
SHA512
a100bd3c66b6010f65383c8525c0113389e63ff07860e96bd2f264b50fa4138bad9975deacec73a9744697dd35cb9df4ff40b1dd78c1ee381f2e8a135fe6eec7
-
SSDEEP
192:3V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2mWF8qa1Dojjgi:hqaCF31cix+Dc4zjYFF46gi
Malware Config
Extracted
cobaltstrike
http://148.135.72.115:8081/5hXh
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.