cobaltstrike | 9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a

Analysis

max time kernel
147s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
24-04-2024 01:17

Target

9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a.exe
Size

2.0MB
MD5

6648f9e3f4354a778c184c0de04a13a7
SHA1

6421be58708ec3912be8709e3dfc4d169bf37d57
SHA256

9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a
SHA512

b36a51186691eec160f3f85eab0db39f5b88bb216303f514148c071670a0e5f586168e93e06b7ecc2ecb1bb45db18d40f55eab13b76258eee90ca03b2122a1ad
SSDEEP

24576:jwj+NcmlsitkWQsgByRo2IcKe8W2Ti/e+/oXmqHHrayaLCK:wAcmlsLn52B8W2WGQoWqwJ

Score

10^/10

Family

cobaltstrike

http://:0

http://43.138.109.119:443/center/user_sid

http://:443/center/user_sid

Attributes

user_agent
Accept: */* Accept-Language: en-US,en;q=0.5 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4472.114 Safari/537.36

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a.exe
"C:\Users\Admin\AppData\Local\Temp\9b674aabc8509ba8be97149c0fce91e360e6318bfdde5410526a7cd4584d8e0a.exe"
1⤵
PID:404

memory/404-1-0x000000C000000000-0x000000C000400000-memory.dmp

Filesize
4.0MB

Download
memory/404-2-0x000000C000000000-0x000000C000400000-memory.dmp

Filesize
4.0MB

Download