Analysis
-
max time kernel
148s -
max time network
153s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
20-05-2024 10:17
Static task
static1
Behavioral task
behavioral1
Sample
ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381.exe
Resource
win10v2004-20240426-en
General
-
Target
ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381.exe
-
Size
19KB
-
MD5
3754e2641bc68f8cbbbf56f7abb1155e
-
SHA1
5251638058d01668a129da180fc820bc1244088f
-
SHA256
ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381
-
SHA512
b9b1d447e404e05e624864d470d6f45bcee963c2a07ab8e58564d932f14f36635bc7bba4650c38050e1fc802f895f5ae39a1dd6e4fb585ccc625ec26ba82c523
-
SSDEEP
192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PfVHsWF8qa1Dojjgi:5qaCF31cix+Dc4zjkJFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.85.128:80/wR1c
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0; Touch)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.