cobaltstrike | c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
23-04-2024 04:27

Target

c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465.exe
Size

1.4MB
MD5

7024f16ebdb4735e12647d3f4a341981
SHA1

223cbe6b2a98e831e943e160345ba11590db625c
SHA256

c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465
SHA512

d25c2f2f7ae7e0ce8b88ffda5991df1d4e279773ad34b065acffc90dab86dfef8231f19132b63701d2225ad5c4c95e879fa4434ba5fa889848d08c0f70239140
SSDEEP

12288:k8F5hZSc8v+nzJj6KrrokzTwtKMti/4gHVL4rwSZop/jZ58RJ6P08ymPYsJIy2So:XNHi+nNrxzTikWAZe6lYsQfKAv2D

Score

10^/10

Family

cobaltstrike

http://18.182.54.75:1212/Iex7

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; LBBROWSER)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465.exe
"C:\Users\Admin\AppData\Local\Temp\c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465.exe"
1⤵
PID:4164

memory/4164-0-0x000001A7EC3A0000-0x000001A7EC3A1000-memory.dmp

Filesize
4KB

Download