cobaltstrike | 9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d

Analysis

max time kernel
132s
max time network
101s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24-05-2024 10:46

Target

9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d.exe
Size

1.5MB
MD5

be243e877cbe4cad002316262a408ea8
SHA1

8c27f16ea9cca3e5240b2c50d0fe3dc1b55fca58
SHA256

9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d
SHA512

549f672eb1483041c177624f127eec674e60a923bf4e03d9d75f9dabc3304f10e75f2eee235f1dcd0bcac315e5cd67fbaee432d1bfbf036fffe3693c2e888854
SSDEEP

24576:AkSmnxZEtczeHdyfWbgYJBWwgjLb1dYs:AkFxZWczeH5gYJ3gjLb1dY

Score

10^/10

Family

cobaltstrike

http://107.174.253.49:6569/tAPX

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d.exe
"C:\Users\Admin\AppData\Local\Temp\9844b5ad5d59c0ced7e12e9af5a502b719df11b3fcb2043b300a4cb0b340db1d.exe"
1⤵
PID:3244

memory/3244-1-0x000000C00D8FE000-0x000000C00D8FF000-memory.dmp

Filesize
4KB

Download
memory/3244-0-0x000000C006400000-0x000000C007400000-memory.dmp

Filesize
16.0MB

Download