cobaltstrike | df2009833cbab381774d9a97532448251b994a392268af28964418ebf2a74cac

Analysis

max time kernel
149s
max time network
153s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 10:29

Target

df2009833cbab381774d9a97532448251b994a392268af28964418ebf2a74cac.exe
Size

19KB
MD5

2c4b280cbf04c3b819b9f8269534dcba
SHA1

6c4e02d927bc6869ca733b12b8b2fe0aa7484ca9
SHA256

df2009833cbab381774d9a97532448251b994a392268af28964418ebf2a74cac
SHA512

58ef24b5a7523e0e12701d87d88b39c9195df955c71430f451ca48219cbc00b9ec8756453e2edbed94dd249b25b605d700a704ab6b9055728da8be167d8c7c50
SSDEEP

192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/29nELWF8qa1Dojjgi:UqaCF31cix+Dc4zjq1FF46gi

Score

10^/10

Family

cobaltstrike

http://118.25.85.104:4443/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\df2009833cbab381774d9a97532448251b994a392268af28964418ebf2a74cac.exe
"C:\Users\Admin\AppData\Local\Temp\df2009833cbab381774d9a97532448251b994a392268af28964418ebf2a74cac.exe"
1⤵
PID:2868

memory/2868-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2868-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download