cobaltstrike | c1dee3c464867ecb9cc118351c321f8234f5fccd4e5e3c1567d8ac5b2f69a05f

Analysis

max time kernel
148s
max time network
150s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
15-06-2024 10:14

Target

c1dee3c464867ecb9cc118351c321f8234f5fccd4e5e3c1567d8ac5b2f69a05f.exe
Size

19KB
MD5

b7e00beba9072b50b1a468b5d555f2f7
SHA1

cfedf585859ed62388600ad756a1190ec5fea388
SHA256

c1dee3c464867ecb9cc118351c321f8234f5fccd4e5e3c1567d8ac5b2f69a05f
SHA512

f0726c24cd5f95d2d248d6561d3689d73ecbdac59167510bfad58866e1a28feda853b7eda7c9e55b88c078330e63e8fc722cdf35ec9988158bad66ab97e874a0
SSDEEP

192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2XNlzAWF8qa1Dojjgi:iqaCF31cix+Dc4zjE7FFF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.106.23:3334/9w3z

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUSMSNIP)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\c1dee3c464867ecb9cc118351c321f8234f5fccd4e5e3c1567d8ac5b2f69a05f.exe
"C:\Users\Admin\AppData\Local\Temp\c1dee3c464867ecb9cc118351c321f8234f5fccd4e5e3c1567d8ac5b2f69a05f.exe"
1⤵
PID:1872

memory/1872-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1872-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download