cobaltstrike | 3d759ab02a8030a36f584dc841c110ef06f7f796980e77c281baa8c35e182def

Analysis

max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24-04-2024 10:14

Target

3d759ab02a8030a36f584dc841c110ef06f7f796980e77c281baa8c35e182def.exe
Size

19KB
MD5

742b70158807e41163274f5b4fb65dd1
SHA1

dd790ea29aa4e8ad0e436a2f8677032a429b8336
SHA256

3d759ab02a8030a36f584dc841c110ef06f7f796980e77c281baa8c35e182def
SHA512

c18be1d3a82c05d6b9f08453de54d8a1485b30b7b4192a12a874536d216ca7f9078b1ff5f33afe260e4f05b627774dd450ff261b53e43ae8ca9d788131664eeb
SSDEEP

192:PV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/21MmNWF8qa1Dojjgi:JqaCF31cix+Dc4zjTFF46gi

Score

10^/10

Family

cobaltstrike

http://128.90.106.176:80/9Dlt

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\3d759ab02a8030a36f584dc841c110ef06f7f796980e77c281baa8c35e182def.exe
"C:\Users\Admin\AppData\Local\Temp\3d759ab02a8030a36f584dc841c110ef06f7f796980e77c281baa8c35e182def.exe"
1⤵
PID:1504

memory/1504-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1504-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download