Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 22-05-2024 17:12
Static task: static1
Behavioral task: behavioral1
Sample: 799352dd262a34eb25dae93b87c6fc5d7991351c0baa83ccceb2156ed18d6a8d.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 799352dd262a34eb25dae93b87c6fc5d7991351c0baa83ccceb2156ed18d6a8d.exe
Resource: win10v2004-20240426-en
General
Target: 799352dd262a34eb25dae93b87c6fc5d7991351c0baa83ccceb2156ed18d6a8d.exe
Size: 17KB
MD5: c7e1d79a678a55dc2facda715e60ec5e
SHA1: 03c37a21b90f4d5e42072ed5f26b6df3c35c995a
SHA256: 799352dd262a34eb25dae93b87c6fc5d7991351c0baa83ccceb2156ed18d6a8d
SHA512: 73329592f29249fe74923b0adaf47c24498c3357732bbb9c038c99bf60664ca26d849525e3bfd7286758b1cd95c5cf96292088f4212461d9e27d757661d3a1f2
SSDEEP: 192:0DMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH46kTn121u/ZBUbOj6kxiY:0DMAoKz6WtKEj7aBDiLL1uBbAY
Malware Config
Extracted
cobaltstrike
http://3.145.83.235:8080/q2Gs
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.