Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
30/05/2024, 22:32
Static task
static1
Behavioral task
behavioral1
Sample
5e352a32f837434189b40dcb8d40c73b986285d75133ec3e9ea812100eb4afeb.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5e352a32f837434189b40dcb8d40c73b986285d75133ec3e9ea812100eb4afeb.exe
Resource
win10v2004-20240426-en
General
-
Target
5e352a32f837434189b40dcb8d40c73b986285d75133ec3e9ea812100eb4afeb.exe
-
Size
19KB
-
MD5
b227596f477feda64c54f608a0cf9316
-
SHA1
c020b1ae5a84223dad0b59de9211ab018d82b63e
-
SHA256
5e352a32f837434189b40dcb8d40c73b986285d75133ec3e9ea812100eb4afeb
-
SHA512
f8ef07939690e7447f144e8523b075f4a866f0635e3c357cd7a62eec47c08495c52bdcac80f8f1ae8a7aca6841a937ba3405af50331f4d7f7e3d434722ec8343
-
SSDEEP
192:HV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ArmxP6WF8qa1Dojjgi:xqaCF31cix+Dc4zjrAbFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.88.140:80/v1Lj
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.