Analysis
-
max time kernel
150s -
max time network
153s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
17-04-2024 04:16
Static task
static1
Behavioral task
behavioral1
Sample
4bfebd6269d81de5d3719309a3a71d2637deb1d48fa340b6ce7b53e47bcc1a40.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4bfebd6269d81de5d3719309a3a71d2637deb1d48fa340b6ce7b53e47bcc1a40.exe
Resource
win10v2004-20240226-en
General
-
Target
4bfebd6269d81de5d3719309a3a71d2637deb1d48fa340b6ce7b53e47bcc1a40.exe
-
Size
19KB
-
MD5
47cbfb3e162e4302053a5ec5415e6eb4
-
SHA1
eba4c613122536b426c21b03abdfe96437e82637
-
SHA256
4bfebd6269d81de5d3719309a3a71d2637deb1d48fa340b6ce7b53e47bcc1a40
-
SHA512
176834b54754bc7bb0fdd92e645fe808238b154f14a1a74cbf2b893fac9116b570c872e4dd29e7f7c95e3f651c42d23dfbe9a469fb5af019db5b046d45711dc2
-
SSDEEP
192:eV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2XYEWF8qa1Dojjgi:oqaCF31cix+Dc4zjwYxFF46gi
Malware Config
Extracted
cobaltstrike
http://199.180.119.62:2333/x6hG
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0; Touch)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Downloads
-
memory/2228-0-0x0000000000020000-0x0000000000021000-memory.dmp
Filesize
4KB
-
memory/2228-1-0x0000000003BE0000-0x0000000003FE0000-memory.dmp
Filesize
4.0MB
-
memory/2228-2-0x0000000000500000-0x0000000000556000-memory.dmp
Filesize
344KB
-
memory/2228-3-0x0000000000400000-0x000000000040C000-memory.dmp
Filesize
48KB
-
memory/2228-5-0x0000000000500000-0x0000000000556000-memory.dmp
Filesize
344KB