Overview

overview

10

Static

static

3

c32df8dbab...64.exe

windows7-x64

10

c32df8dbab...64.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-04-2024 01:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c32df8dbab7b75872a1684888e335672c2dc59e9a0fcabb6fd0d05a1dffb1164.exe

  • Size

    19KB

  • MD5

    3b987daaaaba28c775d8278e2200d107

  • SHA1

    948e47f00db79dac0f99b28d89ccfc832e18355e

  • SHA256

    c32df8dbab7b75872a1684888e335672c2dc59e9a0fcabb6fd0d05a1dffb1164

  • SHA512

    aa867cf72ed3ff9ac719f481c1360e7cfbff35ccc6e88600fa2dec577118f68c9999fa238f7352cc6d99bb87b20d15e4a54401f196dcc1ab898266d32ea9d0ff

  • SSDEEP

    192:QV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2iaqP9WF8qa1Dojjgi:yqaCF31cix+Dc4zjcFF46gi

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://114.55.72.98:82/U7wZ

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MANM; MANM)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\c32df8dbab7b75872a1684888e335672c2dc59e9a0fcabb6fd0d05a1dffb1164.exe
    "C:\Users\Admin\AppData\Local\Temp\c32df8dbab7b75872a1684888e335672c2dc59e9a0fcabb6fd0d05a1dffb1164.exe"
    1⤵
      PID:3332

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3332-0-0x0000000000020000-0x0000000000021000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3332-1-0x0000000000400000-0x000000000040C000-memory.dmp
      Filesize

      48KB

      Download