Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
22-05-2024 10:21
Static task
static1
Behavioral task
behavioral1
Sample
16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3.exe
Resource
win10v2004-20240426-en
General
-
Target
16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3.exe
-
Size
19KB
-
MD5
5a0b6dfdcaeafbc2c41857aa0d6de114
-
SHA1
33865eab4c22265e0d130b2045f979e131528dd8
-
SHA256
16c1e1534197c73b58d05beebbef7f3ee2d2091c74886b2fa9fbfd4a1d2f47f3
-
SHA512
834009f6a487822ad6e07bdde2fe983cf8180c7c7a17e4cf364443c99a57fece165a9d42531b4cb75a73271a72778e8a0aab5605667b579f4b854a23684b991e
-
SSDEEP
192:+V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2pPQlJR4kWF8qa1Dojjgi:IqaCF31cix+Dc4zj4sHiFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.233.129:8001/f9Tj
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.