Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
09-06-2024 04:36
Static task
static1
Behavioral task
behavioral1
Sample
f18d68a3e377ea95d24abe93231800a75930c50b6fe7e5087251896b06907e4d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f18d68a3e377ea95d24abe93231800a75930c50b6fe7e5087251896b06907e4d.exe
Resource
win10v2004-20240426-en
General
-
Target
f18d68a3e377ea95d24abe93231800a75930c50b6fe7e5087251896b06907e4d.exe
-
Size
1.2MB
-
MD5
67faabe85997b4cb29009685f66e9371
-
SHA1
53fad1b70addbf23efb609a74476b00308d01143
-
SHA256
f18d68a3e377ea95d24abe93231800a75930c50b6fe7e5087251896b06907e4d
-
SHA512
9b50f57ba6d8ed55d680ff6c59c504388f1dcf127a3133dcc2596689a394f55e50da159be71070102339a630cedd791fc52d346e9a652c6894620cd6e399433e
-
SSDEEP
12288:Lih9chd77KfSRgIMPndw0883k4jYZkkkoWd6L3t6i99xyaFyhs2id3fJYSlW:2nchASRgIMPpk3HUilyo+1C3f
Malware Config
Extracted
cobaltstrike
http://118.178.237.85:5988/7xEi
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; qdesk 2.4.1263.203; Windows NT 6.1; WOW64; Trident/5.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.