Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
18-04-2024 12:03
Static task
static1
Behavioral task
behavioral1
Sample
c42c106bda6322d6e0132f48ffdd2ee98e0e9941a9e0fc332351f479168ea39a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c42c106bda6322d6e0132f48ffdd2ee98e0e9941a9e0fc332351f479168ea39a.exe
Resource
win10v2004-20240412-en
General
-
Target
c42c106bda6322d6e0132f48ffdd2ee98e0e9941a9e0fc332351f479168ea39a.exe
-
Size
19KB
-
MD5
07bcb1f53f333997a89bee5efe674a8a
-
SHA1
dcebcec74089ab9b1063ee201431b3b51e9cc440
-
SHA256
c42c106bda6322d6e0132f48ffdd2ee98e0e9941a9e0fc332351f479168ea39a
-
SHA512
4e33d9f7ab2f55a683e0b59cf8a227c8603fbe17031c41add54e7acd16dbed5dc7132b44f6eb8d79d29e3b106f987105db9ef1bb2fcf6721f5452830df936c45
-
SSDEEP
192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2VFWF8qa1Dojjgi:UqaCF31cix+Dc4zjCoFF46gi
Malware Config
Extracted
cobaltstrike
http://81.70.175.188:65534/bOz2
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MAM2)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.