Analysis

  • max time kernel
    141s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09-06-2024 05:33

General

  • Target

    926c1f3385e5b81c53bdab95a50f44b0c1158dbfbaefe9ba05bcc4c35365f16d.exe

  • Size

    1.8MB

  • MD5

    b2dd95a07ace08e0cc7f371e191a49ac

  • SHA1

    5bbcf5ba75ba0a3d21ec65bf1e4de8f23a1a7e70

  • SHA256

    926c1f3385e5b81c53bdab95a50f44b0c1158dbfbaefe9ba05bcc4c35365f16d

  • SHA512

    5a103daa02138636448078809eb4f024981a8d2058d42fb33833a4c18367428d6fcc3cc50744abd5facab79a895431a3013169af114359b3d427ea1d9240e882

  • SSDEEP

    24576:snNVYtFSk5Z/Qczacxc4kU/NYEm+03KTNWh6E6T7gz:E6Ss8+/wAhWh6/g

Malware Config

Extracted

Family

cobaltstrike

C2

http://152.136.100.26:80/b7Vn

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\926c1f3385e5b81c53bdab95a50f44b0c1158dbfbaefe9ba05bcc4c35365f16d.exe
    "C:\Users\Admin\AppData\Local\Temp\926c1f3385e5b81c53bdab95a50f44b0c1158dbfbaefe9ba05bcc4c35365f16d.exe"
    PID: 4964
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4460 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:8
    PID: 3568

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4964-0-0x000002B2ED7B0000-0x000002B2ED7B1000-memory.dmp
    Filesize
    4KB