cobaltstrike | 51d40e769b726f306961de9b002694dc198f2faf8740b46b9b5ad47573476af0

Analysis

max time kernel
148s
max time network
153s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
11-06-2024 10:32

Target

51d40e769b726f306961de9b002694dc198f2faf8740b46b9b5ad47573476af0.exe
Size

19KB
MD5

5c2749e881051ba81e0c0560d0964998
SHA1

8a204dd8a0c156db1b8834fe7cea5cf33878af88
SHA256

51d40e769b726f306961de9b002694dc198f2faf8740b46b9b5ad47573476af0
SHA512

852d41933818277797c0ca2a21d36b73f2190ddb5bbbb249b74ee3bc15ab0e9b588572011189fa21df8aea2299e232342a52756cf3bca2d91d37bd13fb1605e2
SSDEEP

192:sV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2lZXF1iBUWF8qa1Dojjgi:OqaCF31cix+Dc4zjeZiFF46gi

Score

10^/10

Family

cobaltstrike

http://54.179.250.192:8025/nhU2

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENAU)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\51d40e769b726f306961de9b002694dc198f2faf8740b46b9b5ad47573476af0.exe
"C:\Users\Admin\AppData\Local\Temp\51d40e769b726f306961de9b002694dc198f2faf8740b46b9b5ad47573476af0.exe"
1⤵
PID:2128

memory/2128-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2128-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download