Analysis
max time kernel: 148s
max time network: 149s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 18-04-2024 04:46
Static task: static1
Behavioral task: behavioral1
Sample: 3aad7e75c45235a0329f039a8c9e1741ae3c8ffb7af14769bd7771725679d0c5.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 3aad7e75c45235a0329f039a8c9e1741ae3c8ffb7af14769bd7771725679d0c5.exe
Resource: win10v2004-20240412-en
General
Target: 3aad7e75c45235a0329f039a8c9e1741ae3c8ffb7af14769bd7771725679d0c5.exe
Size: 19KB
MD5: f37f41594e96d62fbee5f7eaf086db74
SHA1: 87d017a160e9a7220b3757caad9f80ebf287c097
SHA256: 3aad7e75c45235a0329f039a8c9e1741ae3c8ffb7af14769bd7771725679d0c5
SHA512: 57b1bd46a626e72bbf861718c80d1c89414b4e008145f02dbe6cf021d1bb813491c6c1ebbc644c66a4e44881e8f500f082b8c18d8014e89b1ef8d8e6573dcd24
SSDEEP: 192:tV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2L49WF8qa1Dojjgi:fqaCF31cix+Dc4zj/wFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.153.139:8861/2hmV
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.