Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-04-2024 04:17
Static task
static1
Behavioral task
behavioral1
Sample
3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64.exe
Resource
win10v2004-20240412-en
General
-
Target
3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64.exe
-
Size
19KB
-
MD5
fe5ac8d46f29927d2cee708cf0294658
-
SHA1
a6f3a32ed8d40557cd7de7df3f7cf233cd50cdd4
-
SHA256
3f4a8d3eb250de0a414e5ad173a5bac56facaf1f4e4d10030131f6da20d5fa64
-
SHA512
9eb48a36aef65f1e60595648d967bcfde24fcb83955790b52006aa5e537507098928afe5823f19832753f52ceaf0eb0642369a071a75446db8d0c26daa3b59ac
-
SSDEEP
192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JTsWF8qa1Dojjgi:HqaCF31cix+Dc4zj6TJFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.1.56:99/PJuN
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MANM; MANM)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.