cobaltstrike | ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
20-05-2024 10:17

Target

ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381.exe
Size

19KB
MD5

3754e2641bc68f8cbbbf56f7abb1155e
SHA1

5251638058d01668a129da180fc820bc1244088f
SHA256

ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381
SHA512

b9b1d447e404e05e624864d470d6f45bcee963c2a07ab8e58564d932f14f36635bc7bba4650c38050e1fc802f895f5ae39a1dd6e4fb585ccc625ec26ba82c523
SSDEEP

192:/V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PfVHsWF8qa1Dojjgi:5qaCF31cix+Dc4zjkJFF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.85.128:80/wR1c

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0; Touch)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381.exe
"C:\Users\Admin\AppData\Local\Temp\ac761b320cfd6019603d81783f66ba7c0a4a34f2fe73e7030070e459e1ed2381.exe"
1⤵
PID:3324

memory/3324-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/3324-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download