cobaltstrike | 06aa55d96d60465069d69e9a89ea9b0208d390850053429afbac14cd03caad67

Analysis

max time kernel
144s
max time network
148s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
19-05-2024 10:24

Target

06aa55d96d60465069d69e9a89ea9b0208d390850053429afbac14cd03caad67.exe
Size

1.6MB
MD5

7743282a71d6ac84b5321aa0b32d39d8
SHA1

c5aac418d8a18375d0938acab232ab5f53ac2a44
SHA256

06aa55d96d60465069d69e9a89ea9b0208d390850053429afbac14cd03caad67
SHA512

f82ebbdc1ca4df042f880058314c91dbd793c9f8c8c49966f3cf76305379ca046989e4d7cc720b08eb0f07b93a0e9a4df1d476dbc02343f3092ab0683718a1b4
SSDEEP

24576:5WRqPoV5FYugpGhWb3gU4Kz2ZVCAShTYgV3/YYIbK1z1v:5ArFYuiGhWZ4LCACYgVPY5G1z1

Score

10^/10

Family

cobaltstrike

http://8.130.123.131:11001/_/rp/FTmJMkisSOAwXdvbYo-M3c6924I.br.js

Attributes

user_agent
Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 4.0; Trident/4.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\06aa55d96d60465069d69e9a89ea9b0208d390850053429afbac14cd03caad67.exe
"C:\Users\Admin\AppData\Local\Temp\06aa55d96d60465069d69e9a89ea9b0208d390850053429afbac14cd03caad67.exe"
1⤵
PID:3028

memory/3028-0-0x00000000007E0000-0x00000000007E1000-memory.dmp

Filesize
4KB

Download