Analysis
max time kernel: 150s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240412-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
submitted: 26-04-2024 10:17
Static task: static1
Behavioral task: behavioral1
Sample: 1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef.exe
Resource: win10v2004-20240412-en
General
Target: 1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef.exe
Size: 41KB
MD5: cc194205c5062ac0d2c5d2fa0c7317ed
SHA1: dec4287df781cdd736fdf71a7159853e577a64cb
SHA256: 1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef
SHA512: 6392f02a4a588621ba3a83f009c4c2c14f3eadc832d988f4ed2fda8c7082a0d6cc769b5918a193711a227f437968e96fa22100c451137a223082be8c6ca64b4d
SSDEEP: 768:jBOZpWVJUNNua3RsFTcuvwpw49G7DetPG3hzXHFJQUdW:sQJUjua3y9wS49G7SG3QUd
Malware Config
Extracted
cobaltstrike
http://43.154.174.99:44443/4tn3
user_agent: User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/2
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.