Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
28/05/2024, 15:58
Behavioral task
behavioral1
Sample
9064274d935bead2707216a7a5f2aafd91c2895848dc471ef203e8c536cd04ae.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9064274d935bead2707216a7a5f2aafd91c2895848dc471ef203e8c536cd04ae.exe
Resource
win10v2004-20240426-en
General
-
Target
9064274d935bead2707216a7a5f2aafd91c2895848dc471ef203e8c536cd04ae.exe
-
Size
1.1MB
-
MD5
4a94b937375279c98283a2de524c34eb
-
SHA1
8f629a163391538e78cd3ce93781c2fab648e11b
-
SHA256
9064274d935bead2707216a7a5f2aafd91c2895848dc471ef203e8c536cd04ae
-
SHA512
1236c99ad86954720e9562194b86debbffb17f2149024d9de69915487cb9e59bbfac05f466913104a39e70900ab7aa4e0491d75242408e0ce303b4aa31e2e5d7
-
SSDEEP
12288:uMP4gL3bd/nhqvsh2vjdE9Peqd7t5Oj6/D+2V0N+tEgo3xj+eznnMF2vEuD:uMwypQ0h2QJal4U+wMmE
Malware Config
Extracted
cobaltstrike
http://192.168.0.177:6666/c66qsIKehuTulfpP.js
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; MALC)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.