Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
17-04-2024 04:19
General
-
Target
22c510a7d95e55c9ba9f55950d4222e55bfd451d2334f40968322b4c68f8fa48.exe
-
Size
19KB
-
MD5
ef6fd2ad7cfbf5ad2370e49cc819c14a
-
SHA1
e033083edf71dbcd6df8d8c43571b2ee1933ce1c
-
SHA256
22c510a7d95e55c9ba9f55950d4222e55bfd451d2334f40968322b4c68f8fa48
-
SHA512
a5f1c77cd72a105b97f863b7590d6c8031fccde99eb293f9575d056453738fe41cb789122ff54604d0ccc310f36aba722f3b146f61f13a0b7814782f8d3b7c28
-
SSDEEP
192:YV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2N0GsqweWF8qa1Dojjgi:KqaCF31cix+Dc4zjS0G4fFF46gi
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://148.135.72.115:8088/UJZd
Attributes
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
-
C:\Users\Admin\AppData\Local\Temp\22c510a7d95e55c9ba9f55950d4222e55bfd451d2334f40968322b4c68f8fa48.exe"C:\Users\Admin\AppData\Local\Temp\22c510a7d95e55c9ba9f55950d4222e55bfd451d2334f40968322b4c68f8fa48.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2020-0-0x0000000000020000-0x0000000000021000-memory.dmpFilesize
4KB
-
memory/2020-1-0x0000000000400000-0x000000000040C000-memory.dmpFilesize
48KB