Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system -
submitted
28-04-2024 10:14
Static task
static1
Behavioral task
behavioral1
Sample
cfa93ef2faea5bcdad6f2ce338f2e9890fea76d0996425d781fc9376267be004.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cfa93ef2faea5bcdad6f2ce338f2e9890fea76d0996425d781fc9376267be004.exe
Resource
win10v2004-20240419-en
General
-
Target
cfa93ef2faea5bcdad6f2ce338f2e9890fea76d0996425d781fc9376267be004.exe
-
Size
19KB
-
MD5
710a392f021d4ac16b72d6f04915e0ac
-
SHA1
19b88220ab346a237e2717f6b3c0146cbe049a1d
-
SHA256
cfa93ef2faea5bcdad6f2ce338f2e9890fea76d0996425d781fc9376267be004
-
SHA512
92039954a0e081fbc95da931593017094512286308fcf9e813c453c9358ce5d4433ba138f63d96e0cc181d17b49c62c7f3c74f6e17643d408dd5ff5b0366646f
-
SSDEEP
192:8V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2aGcWF8qa1Dojjgi:eqaCF31cix+Dc4zj5GZFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.139.128:6666/AeaV
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.