Analysis
-
max time kernel
147s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
24-04-2024 01:17
Static task
static1
Behavioral task
behavioral1
Sample
9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a.exe
Resource
win10v2004-20240412-en
General
-
Target
9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a.exe
-
Size
2.0MB
-
MD5
6648f9e3f4354a778c184c0de04a13a7
-
SHA1
6421be58708ec3912be8709e3dfc4d169bf37d57
-
SHA256
9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a
-
SHA512
b36a51186691eec160f3f85eab0db39f5b88bb216303f514148c071670a0e5f586168e93e06b7ecc2ecb1bb45db18d40f55eab13b76258eee90ca03b2122a1ad
-
SSDEEP
24576:jwj+NcmlsitkWQsgByRo2IcKe8W2Ti/e+/oXmqHHrayaLCK:wAcmlsLn52B8W2WGQoWqwJ
Malware Config
Extracted
cobaltstrike
http://:0
http://43.138.109.119:443/center/user_sid
http://:443/center/user_sid
-
user_agent
Accept: */* Accept-Language: en-US,en;q=0.5 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4472.114 Safari/537.36
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.