Overview

overview

10

Static

static

3

6ba47bd6b3...7b.exe

windows7-x64

10

6ba47bd6b3...7b.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-04-2024 04:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b.exe

  • Size

    19KB

  • MD5

    9b14bb52db6d68638b6c12b63531e313

  • SHA1

    313e675109d8dd612cc1b855fcaf13754da2e2e7

  • SHA256

    6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b

  • SHA512

    ffbaaa04570960484836fff8af3b4fdf80624e0ffb9cb70547561959da4b819edaf8fbe89b0531b1b3999c0ed43bba467c9580110b32c7dd26c18f9ce97b89cc

  • SSDEEP

    192:rV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2mOfURWF8qa1Dojjgi:FqaCF31cix+Dc4zju8sFF46gi

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.157.129:9527/yV4Z

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b.exe
    "C:\Users\Admin\AppData\Local\Temp\6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b.exe"
    1⤵
      PID:880

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/880-0-0x0000000000020000-0x0000000000021000-memory.dmp
      Filesize

      4KB

      Download
    • memory/880-1-0x0000000000400000-0x000000000040C000-memory.dmp
      Filesize

      48KB

      Download