cobaltstrike | 2341ec4946cd551f66302bfe066398bd01b0c7d317443c9f99a0668e0e0f282c

Analysis

max time kernel
66s
max time network
56s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
28-04-2024 10:14

Target

2341ec4946cd551f66302bfe066398bd01b0c7d317443c9f99a0668e0e0f282c.exe
Size

19KB
MD5

7f110c0a823ece0603b6a0fbfa82eecf
SHA1

6dc27429d817d0ccf923c96d8740ddb14c9330bb
SHA256

2341ec4946cd551f66302bfe066398bd01b0c7d317443c9f99a0668e0e0f282c
SHA512

eca6e5af8bc23459d2b2c942ba0e5f9927df56a6f81297517737c3064768355a9a33279ef3216437727c4919a3afb8457f7336f9ce85ae06bea1a414939ddfec
SSDEEP

192:hV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/21DRMBSAWF8qa1Dojjgi:zqaCF31cix+Dc4zjYnFF46gi

Score

10^/10

Family

cobaltstrike

http://cms.nawwan.xyz:443/api/2

Attributes

user_agent
Host: cms.nawwan.xyz User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\2341ec4946cd551f66302bfe066398bd01b0c7d317443c9f99a0668e0e0f282c.exe
"C:\Users\Admin\AppData\Local\Temp\2341ec4946cd551f66302bfe066398bd01b0c7d317443c9f99a0668e0e0f282c.exe"
1⤵
PID:2508

memory/2508-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2508-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download