Overview

overview

10

Static

static

10

03f168f11d...e5.exe

windows7-x64

10

03f168f11d...e5.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/04/2024, 04:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    03f168f11d7ebc458e6450d624331056ae94d19bfc551111605b3fbbf3a325e5.exe

  • Size

    1.0MB

  • MD5

    76d94212bf605660b2da430ad5bdcac4

  • SHA1

    599ffa179da907fd047bedec4dbf49f8f4945c09

  • SHA256

    03f168f11d7ebc458e6450d624331056ae94d19bfc551111605b3fbbf3a325e5

  • SHA512

    ba9fcde7bf69d87323695ce08b1c8813dbd5cfb3bac18e387110ebea820b2e27264bec6718d34086f2e0f7329c91efa3ad31bd7128d26150594b28c351d9b873

  • SSDEEP

    24576:roXiAT8Sdw01rrb/TmvO90d7HjmAFd4A64nsfJvzj43Sgv6z0r:UXiC8Sdl1rrb/TmvO90d7HjmAFd4A64H

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://60.204.198.183:13579/feOC

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; Touch)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\03f168f11d7ebc458e6450d624331056ae94d19bfc551111605b3fbbf3a325e5.exe
    "C:\Users\Admin\AppData\Local\Temp\03f168f11d7ebc458e6450d624331056ae94d19bfc551111605b3fbbf3a325e5.exe"
    1⤵
      PID:4856

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4856-0-0x000001ECE13F0000-0x000001ECE13F1000-memory.dmp

      Filesize

      4KB

      Download