cobaltstrike | 6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
26-04-2024 10:14

Target

6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537.exe
Size

19KB
MD5

802d8094b4918eb54fdb939a97e08b1e
SHA1

53a65f24193c29ac82bb60f4cfdae58427a39ad4
SHA256

6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537
SHA512

118033340ef8cb9cd99163ea519976da3b5beaebdd6fb2407b73f658032a380bfa7fccda7b3e83f07b4ecdbcc8559e3df8af29b63dad48fd446884a103695574
SSDEEP

192:NV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ju4tWF8qa1Dojjgi:/qaCF31cix+Dc4zj0u4AFF46gi

Score

10^/10

Family

cobaltstrike

http://8.219.146.174:80/3tEq

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; LEN2)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537.exe
"C:\Users\Admin\AppData\Local\Temp\6738b87e3560f5e2bee60e9b8a665d7f93b2e9875d3367f31c772227fc549537.exe"
1⤵
PID:3052

memory/3052-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/3052-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download