Analysis
-
max time kernel
147s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20240419-en, locale:en-us, os:windows10-2004-x64, system -
submitted
28-04-2024 10:15
Static task
static1
Behavioral task
behavioral1
Sample
3aa2807194252ad53aeb242dbe0469738a9cb2803ead6e41cd3e548c6f330a09.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3aa2807194252ad53aeb242dbe0469738a9cb2803ead6e41cd3e548c6f330a09.exe
Resource
win10v2004-20240419-en
General
-
Target
3aa2807194252ad53aeb242dbe0469738a9cb2803ead6e41cd3e548c6f330a09.exe
-
Size
1.3MB
-
MD5
797f31c04b23e5e5080a19d03bf32676
-
SHA1
97db0b4bf0b54af21f3fb7e3343197c0e7ed3c7e
-
SHA256
3aa2807194252ad53aeb242dbe0469738a9cb2803ead6e41cd3e548c6f330a09
-
SHA512
90db2ac88d5ea5cae41dbd7a0f531b82c1cf69edf9f590674793ab79a9cf42773d751905a8bd2993c31136004196ce94cf66faa18e4fc160b98b5ecc058676d2
-
SSDEEP
12288:ax+BFK9F+U8aj7Q8BwjBPv5msehdJ5mET6cxR+2V0T+ESTo3ujYCkwso9XXnXKi:aKKqYJBiI+EdCkJYfwsoN
Malware Config
Extracted
cobaltstrike
http://110.42.67.6:8080/uGh9
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MATBJS)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Downloads
-
memory/2996-0-0x00000180189B0000-0x00000180189B1000-memory.dmp
Filesize
4KB