cobaltstrike | 6bf4bba0e88884b274b28ef8f1a59d4b97796aa0082197becd4f6bc2e546260c

Analysis

max time kernel
148s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
30-04-2024 07:02

Target

6bf4bba0e88884b274b28ef8f1a59d4b97796aa0082197becd4f6bc2e546260c.exe
Size

36KB
MD5

3817edca92025ebe8512516b7dd77e80
SHA1

d53a16490b490386af95b9124685ccbc6ec247b6
SHA256

6bf4bba0e88884b274b28ef8f1a59d4b97796aa0082197becd4f6bc2e546260c
SHA512

ff26a2d5fcc4a4d67f154b67f17730287a2ab01730a652aa36aae96b0be6bef58d5118c68b61a7600058a526129a285bbf8600898b5411eaa2b98b4a10f301dc
SSDEEP

768:8Fw+H/natWvv3yaDivS3991Eadu/8sm3qGHUO5+WiY:1+fnIWvv3sUjvdu/8cO5g

Score

10^/10

Family

cobaltstrike

http://47.243.59.237:80/yi3H

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MALC)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\6bf4bba0e88884b274b28ef8f1a59d4b97796aa0082197becd4f6bc2e546260c.exe
"C:\Users\Admin\AppData\Local\Temp\6bf4bba0e88884b274b28ef8f1a59d4b97796aa0082197becd4f6bc2e546260c.exe"
1⤵
PID:4028

memory/4028-2-0x000001E7F1010000-0x000001E7F1110000-memory.dmp

Filesize
1024KB

Download
memory/4028-3-0x000001E7F1010000-0x000001E7F1110000-memory.dmp

Filesize
1024KB

Download