Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
26-04-2024 10:14
Static task
static1
Behavioral task
behavioral1
Sample
6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537.exe
Resource
win10v2004-20240412-en
General
-
Target
6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537.exe
-
Size
19KB
-
MD5
802d8094b4918eb54fdb939a97e08b1e
-
SHA1
53a65f24193c29ac82bb60f4cfdae58427a39ad4
-
SHA256
6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537
-
SHA512
118033340ef8cb9cd99163ea519976da3b5beaebdd6fb2407b73f658032a380bfa7fccda7b3e83f07b4ecdbcc8559e3df8af29b63dad48fd446884a103695574
-
SSDEEP
192:NV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ju4tWF8qa1Dojjgi:/qaCF31cix+Dc4zj0u4AFF46gi
Malware Config
Extracted
cobaltstrike
http://8.219.146.174:80/3tEq
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; LEN2)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.