cobaltstrike | fee7c66d3b87f0c649fd36de68a51766aa910d27d4c145cc6bb040883b0db2a0

Analysis

max time kernel
132s
max time network
101s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
20-05-2024 08:51

Target

fee7c66d3b87f0c649fd36de68a51766aa910d27d4c145cc6bb040883b0db2a0.exe
Size

86KB
MD5

666748f1a95752287bf2d19163d895f6
SHA1

64cf20c84ed41c35de12978ce77fc20c4b91d8cf
SHA256

fee7c66d3b87f0c649fd36de68a51766aa910d27d4c145cc6bb040883b0db2a0
SHA512

eb368fd1259a566ed0f4f34f419ed6083e600fe5ba82e329adbd78b2dd7a1183cc05ddc754bfec4729874920bf7cbdd408e711af3c18f146e9bed7f8242c0756
SSDEEP

768:mfi201nyxmocxh2Xw48wsBFn8q1CVxmckAXE375109zbADj05sN9zcuG:mKHcxmoqkw489Bd8hVgAK6z0DQyvzcuG

Score

10^/10

Family

cobaltstrike

http://47.122.9.214:443/Crush/v1.8/M5EL9GVH8H3

Attributes

user_agent
Accept: application/json, application/xhtml+xml, text/html Accept-Language: xh Accept-Encoding: *, gzip User-Agent: Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\fee7c66d3b87f0c649fd36de68a51766aa910d27d4c145cc6bb040883b0db2a0.exe
"C:\Users\Admin\AppData\Local\Temp\fee7c66d3b87f0c649fd36de68a51766aa910d27d4c145cc6bb040883b0db2a0.exe"
1⤵
PID:1392

memory/1392-0-0x000001D2637E0000-0x000001D2637E1000-memory.dmp

Filesize
4KB

Download
memory/1392-2-0x000001D2654F0000-0x000001D2658F0000-memory.dmp

Filesize
4.0MB

Download
memory/1392-4-0x000001D2654F0000-0x000001D2658F0000-memory.dmp

Filesize
4.0MB

Download