Analysis Overview
SHA256
ed8c87382781b45ad8c4b6280315df5b425976f457d60b031e65808074ec6158
Threat Level: Likely benign
The file 2024-06-12_1d0064cd50e34605a167b0fab15b8355_avoslocker_cobalt-strike was found to be: Likely benign.
Malicious Activity Summary
Drops file in Windows directory
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-12 18:29
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 18:29
Reported
2024-06-12 18:31
Platform
win7-20240220-en
Max time kernel
118s
Max time network
118s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Users\Admin\AppData\Local\Temp\2024-06-12_1d0064cd50e34605a167b0fab15b8355_avoslocker_cobalt-strike.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\2024-06-12_1d0064cd50e34605a167b0fab15b8355_avoslocker_cobalt-strike.exe
"C:\Users\Admin\AppData\Local\Temp\2024-06-12_1d0064cd50e34605a167b0fab15b8355_avoslocker_cobalt-strike.exe"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-12 18:29
Reported
2024-06-12 18:31
Platform
win10v2004-20240508-en
Max time kernel
147s
Max time network
149s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Users\Admin\AppData\Local\Temp\2024-06-12_1d0064cd50e34605a167b0fab15b8355_avoslocker_cobalt-strike.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\2024-06-12_1d0064cd50e34605a167b0fab15b8355_avoslocker_cobalt-strike.exe
"C:\Users\Admin\AppData\Local\Temp\2024-06-12_1d0064cd50e34605a167b0fab15b8355_avoslocker_cobalt-strike.exe"