Overview

overview

10

Static

static

3

1b92415e74...c4.exe

windows7-x64

10

1b92415e74...c4.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17-04-2024 12:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4.exe

  • Size

    19KB

  • MD5

    cc41d2c3a7e747a402c55cc5b65d0e80

  • SHA1

    719883f769bca7c6feb358cd552eb64baa7991e0

  • SHA256

    1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4

  • SHA512

    f36e430835d049365b727115d3cefb79aabf3eeab799b7e1764754e3a3f8bce06008c1efc256c44458632fc5fed0219b92ec738bf5bc1c2287c27a31139fb5c1

  • SSDEEP

    192:dV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2nFlQRWF8qa1Dojjgi:PqaCF31cix+Dc4zjSQsFF46gi

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://39.104.52.1:81/TuDP

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4.exe
    "C:\Users\Admin\AppData\Local\Temp\1b92415e74b7bdc9961dc053d68c386873a72ac811b68a29e46bdef421301cc4.exe"
    1⤵
      PID:2204

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2204-0-0x0000000000020000-0x0000000000021000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2204-1-0x0000000000400000-0x000000000040C000-memory.dmp
      Filesize

      48KB

      Download