Analysis
max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240508-en
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
submitted
09-06-2024 05:34
Static task
static1
Behavioral task
behavioral1
Sample
e54f5aeb1d60aa69b107fe88d68a6729646c75a3beb62c449fd68e1f75862e82.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
e54f5aeb1d60aa69b107fe88d68a6729646c75a3beb62c449fd68e1f75862e82.exe
Resource
win10v2004-20240508-en
General
Target
e54f5aeb1d60aa69b107fe88d68a6729646c75a3beb62c449fd68e1f75862e82.exe
Size
19KB
MD5
88fc3a9da90e61955907a5dee6ff7f1a
SHA1
a252f40dfea29f8ea45419c53ca2b5bb6e11a762
SHA256
e54f5aeb1d60aa69b107fe88d68a6729646c75a3beb62c449fd68e1f75862e82
SHA512
2b36ebe1f0be20b9c31fb5cda8fa5d72bc1a1019dc567d7fca20ffbb329272ee1a5522558fa73c999d6a9238a1c93014032d039c37e4083a30d127aa0cf3d309
SSDEEP
192:KV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2WZLxKWF8qa1Dojjgi:kqaCF31cix+Dc4zjTlTFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.247.136:80/cJFj
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MDDRJS)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.