Analysis
  max time kernel: 148s
  max time network: 153s
  platform: windows7_x64
  resource: win7-20240419-en
  resource tags: arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  submitted: 28-04-2024 10:14
Static task: static1
Behavioral task: behavioral1
  Sample: a4ea69df3dbf4bc7302c3ecc94ca8976f1f231058395ca2424818a8d204cbd27.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: a4ea69df3dbf4bc7302c3ecc94ca8976f1f231058395ca2424818a8d204cbd27.exe
  Resource: win10v2004-20240419-en
General
  Target: a4ea69df3dbf4bc7302c3ecc94ca8976f1f231058395ca2424818a8d204cbd27.exe
  Size: 19KB
  MD5: e977b3d5717c4e7f34cd159525c0741d
  SHA1: 144dc2810cde4868d63ad7f34d354fcc8aabf7fc
  SHA256: a4ea69df3dbf4bc7302c3ecc94ca8976f1f231058395ca2424818a8d204cbd27
  SHA512: 4b7692256ea6ebfa1cd62e08a7aab83b722574404b989cfe3787d665dc998a553faad42b255853576172af626a71523eb96c4c4b3d94f99e2063f42f111ef019
  SSDEEP: 192:wV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2qAENWF8qa1Dojjgi:SqaCF31cix+Dc4zjtfgFF46gi
Malware Config
  Extracted: cobaltstrike
  http://192.168.10.19:8888/INMy
  user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)
Signatures
  Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.