Analysis
max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags
arch:x64 arch:x86 image:win10v2004-20240412-en locale:en-us os:windows10-2004-x64 system
submitted
23-04-2024 04:27
Behavioral task
behavioral1
Sample
c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465.exe
Resource
win10v2004-20240412-en
General
Target
c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465.exe
Size
1.4MB
MD5
7024f16ebdb4735e12647d3f4a341981
SHA1
223cbe6b2a98e831e943e160345ba11590db625c
SHA256
c8e00b5e215314f31ba4ef3f57a4cdef829511619728a074d440a45cd6a4d465
SHA512
d25c2f2f7ae7e0ce8b88ffda5991df1d4e279773ad34b065acffc90dab86dfef8231f19132b63701d2225ad5c4c95e879fa4434ba5fa889848d08c0f70239140
SSDEEP
12288:k8F5hZSc8v+nzJj6KrrokzTwtKMti/4gHVL4rwSZop/jZ58RJ6P08ymPYsJIy2So:XNHi+nNrxzTikWAZe6lYsQfKAv2D
Malware Config
Extracted
cobaltstrike
http://18.182.54.75:1212/Iex7
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; LBBROWSER)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Downloads
memory/4164-0-0x000001A7EC3A0000-0x000001A7EC3A1000-memory.dmp
Filesize
4KB