Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
17-04-2024 12:39
Static task
static1
Behavioral task
behavioral1
Sample
1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4.exe
Resource
win10v2004-20240412-en
General
-
Target
1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4.exe
-
Size
19KB
-
MD5
cc41d2c3a7e747a402c55cc5b65d0e80
-
SHA1
719883f769bca7c6feb358cd552eb64baa7991e0
-
SHA256
1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4
-
SHA512
f36e430835d049365b727115d3cefb79aabf3eeab799b7e1764754e3a3f8bce06008c1efc256c44458632fc5fed0219b92ec738bf5bc1c2287c27a31139fb5c1
-
SSDEEP
192:dV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2nFlQRWF8qa1Dojjgi:PqaCF31cix+Dc4zjSQsFF46gi
Malware Config
Extracted
cobaltstrike
http://39.104.52.1:81/TuDP
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.