cobaltstrike | 99ce9369b4e9eaa33e07e915077855f993950ca9973b2558a7c4d776378ec3b2

Analysis

max time kernel
149s
max time network
152s
platform
windows7_x64
resource
win7-20240319-en
resource tags

arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
submitted
17-04-2024 18:28

Target

99ce9369b4e9eaa33e07e915077855f993950ca9973b2558a7c4d776378ec3b2.exe
Size

19KB
MD5

01e97f8d0fca587b3af71d28759c6227
SHA1

0d3d55a098f381d763f4fb71f6061211297eaac7
SHA256

99ce9369b4e9eaa33e07e915077855f993950ca9973b2558a7c4d776378ec3b2
SHA512

49c5a75cbc83b825a05436d58241442db0afe4480d25f3e39df79c42a0dffd366c3aa8bbb37b367f4e52f147e6188948d75cfa2e88d1f0a98d0c078b1731b9b7
SSDEEP

192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2rcPIcFi/gwSWF8qa1Dojjgi:UqaCF31cix+Dc4zjIS4/1FF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.10.129:80/aCvC

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; LEN2)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\99ce9369b4e9eaa33e07e915077855f993950ca9973b2558a7c4d776378ec3b2.exe
"C:\Users\Admin\AppData\Local\Temp\99ce9369b4e9eaa33e07e915077855f993950ca9973b2558a7c4d776378ec3b2.exe"
1⤵
PID:2220

memory/2220-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2220-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download