Analysis
max time kernel: 149s
max time network: 153s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 17-04-2024 17:41
Static task: static1
Behavioral task: behavioral1
Sample: b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b.exe
Resource: win10v2004-20240412-en
General
Target: b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b.exe
Size: 19KB
MD5: 741fbebbf6861bd1cbe6ea9c777a95d7
SHA1: 262a14be036fe558ea64843e2c57b03bf7df6c0c
SHA256: b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b
SHA512: 31d5ba2f38d8cc5d25fa119eb2b10a2ba4ed4eac01b75bfc843db6da0aeac196f2e7bd310f67041eb8f91d023d491c56da24dc45c10ca1636af8b47ee913d84e
SSDEEP: 192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2jlpWF8qa1Dojjgi:EqaCF31cix+Dc4zj4l0FF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.56.101:443/8Hmp
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.3; .NET CLR 2.0.50727)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.