Analysis
max time kernel: 149s
max time network: 150s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 24-04-2024 02:14
Static task: static1
Behavioral task: behavioral1
Sample: 1359e42aa8460a3ef4d232a5944e24355a66623e1f4e2f9f4a3004b36785e53d.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 1359e42aa8460a3ef4d232a5944e24355a66623e1f4e2f9f4a3004b36785e53d.exe
Resource: win10v2004-20240412-en
General
Target: 1359e42aa8460a3ef4d232a5944e24355a66623e1f4e2f9f4a3004b36785e53d.exe
Size: 19KB
MD5: a3de766d0c5020e64af9afda0bc8e769
SHA1: d1f17777a125a2ac823b44bb3ba65350f5af06fa
SHA256: 1359e42aa8460a3ef4d232a5944e24355a66623e1f4e2f9f4a3004b36785e53d
SHA512: 63d3674586df80563d0be2bd375d1b0ba8fc7875949bb47d85ac416cc40112ac490e0a7d2b6ddadfc7905a43def936883808a5e257282ea3b32cda37f1a7b333
SSDEEP: 192:5V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2OfUiwoXzOWF8qa1Dojjgi:bqaCF31cix+Dc4zjFfUZ0zvFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.1.11:80/i2oS
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.