cobaltstrike | 5f9e20461f9a46c0fd33fd18bd7105e12208837655aacebe1e2b1b03effdf3e0

Analysis

max time kernel
149s
max time network
153s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25-04-2024 16:22

Target

5f9e20461f9a46c0fd33fd18bd7105e12208837655aacebe1e2b1b03effdf3e0.exe
Size

19KB
MD5

6d28bb5f7863e681199188cd82914b7c
SHA1

b47e0b37f6823b75221166013082da028ea4c8c7
SHA256

5f9e20461f9a46c0fd33fd18bd7105e12208837655aacebe1e2b1b03effdf3e0
SHA512

64bd929cd0a95370940f5ca4b9bc1179b9334dcbf5209f67f0b05beadbe82b825fccc285fd830b9d199b4265799d9c273b7984d2d41807551c5476651aa8e72e
SSDEEP

192:vV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2BxEXWF8qa1Dojjgi:pqaCF31cix+Dc4zjaEmFF46gi

Score

10^/10

Family

cobaltstrike

http://39.104.232.76:25000/iiT7

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; ASU2JS)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\5f9e20461f9a46c0fd33fd18bd7105e12208837655aacebe1e2b1b03effdf3e0.exe
"C:\Users\Admin\AppData\Local\Temp\5f9e20461f9a46c0fd33fd18bd7105e12208837655aacebe1e2b1b03effdf3e0.exe"
1⤵
PID:2300

memory/2300-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2300-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download