cobaltstrike | 1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
26-04-2024 10:17

Target

1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef.exe
Size

41KB
MD5

cc194205c5062ac0d2c5d2fa0c7317ed
SHA1

dec4287df781cdd736fdf71a7159853e577a64cb
SHA256

1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef
SHA512

6392f02a4a588621ba3a83f009c4c2c14f3eadc832d988f4ed2fda8c7082a0d6cc769b5918a193711a227f437968e96fa22100c451137a223082be8c6ca64b4d
SSDEEP

768:jBOZpWVJUNNua3RsFTcuvwpw49G7DetPG3hzXHFJQUdW:sQJUjua3y9wS49G7SG3QUd

Score

10^/10

Family

cobaltstrike

http://43.154.174.99:44443/4tn3

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/2

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef.exe
"C:\Users\Admin\AppData\Local\Temp\1357ecb52bfc19e96398e84430a98341f23a8537ce2d368e4bffffe29f8849ef.exe"
1⤵
PID:4024

memory/4024-0-0x000002228FBC0000-0x000002228FBC1000-memory.dmp

Filesize
4KB

Download
memory/4024-1-0x00007FF65EA70000-0x00007FF65EA81000-memory.dmp

Filesize
68KB

Download