Analysis
-
max time kernel
148s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
18-04-2024 07:07
Static task
static1
Behavioral task
behavioral1
Sample
f814d066b06c07e050ece36bc3e995eecbca82219fa6ca6cbe2812ded36f2a5f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f814d066b06c07e050ece36bc3e995eecbca82219fa6ca6cbe2812ded36f2a5f.exe
Resource
win10v2004-20240412-en
General
-
Target
f814d066b06c07e050ece36bc3e995eecbca82219fa6ca6cbe2812ded36f2a5f.exe
-
Size
19KB
-
MD5
222022cfef1f3f203e3b4a4228a4aafe
-
SHA1
5bf46f3740c1ca9afc25ee276fe4102755b042d8
-
SHA256
f814d066b06c07e050ece36bc3e995eecbca82219fa6ca6cbe2812ded36f2a5f
-
SHA512
6547af2ed92bc7d5fd4c1e247ad57e83f99492407fb97c4a19967ffca434bf133654c03ac8cedfd3c1c573d9cd9518abd393e4f825893ca66c55f68837fc8fe9
-
SSDEEP
192:tV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2gizTDDWF8qa1Dojjgi:fqaCF31cix+Dc4zjgTGFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.43.128:80/jh1Z
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.