Analysis
max time kernel: 149s
max time network: 154s
platform: windows10-2004_x64
resource: win10v2004-20240412-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
submitted: 17-04-2024 04:21
Static task: static1
Behavioral task: behavioral1
Sample: 6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b.exe
Resource: win10v2004-20240412-en
General
Target: 6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b.exe
Size: 19KB
MD5: 9b14bb52db6d68638b6c12b63531e313
SHA1: 313e675109d8dd612cc1b855fcaf13754da2e2e7
SHA256: 6ba47bd6b3571c3cf6bb3bbc4822df2d9af29a286d6efd021813e43c7ef7f97b
SHA512: ffbaaa04570960484836fff8af3b4fdf80624e0ffb9cb70547561959da4b819edaf8fbe89b0531b1b3999c0ed43bba467c9580110b32c7dd26c18f9ce97b89cc
SSDEEP: 192:rV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2mOfURWF8qa1Dojjgi:FqaCF31cix+Dc4zju8sFF46gi
Malware Config
Extracted: cobaltstrike
http://192.168.157.129:9527/yV4Z
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.