Analysis
-
max time kernel
148s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
15-06-2024 10:17
General
-
Target
734d9b21a1fe876178b3f4bca0be21474356a71fa379eb88876e56c63c506f8b.exe
-
Size
19KB
-
MD5
f6167d27b925f56f453fbd849dd61795
-
SHA1
aaf6ddb4dcf5d56f7a307c3e3363b752baa9e936
-
SHA256
734d9b21a1fe876178b3f4bca0be21474356a71fa379eb88876e56c63c506f8b
-
SHA512
8637ae95438049d5cce725b2c69cff397e279ef87a3d6ea87bc8a196815afbb063ecf5911ab38a93963eb80f7a2d2750a6429134c71923cdc771e771053d5ab9
-
SSDEEP
192:cV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2N6D0HWF8qa1Dojjgi:+qaCF31cix+Dc4zj/DDFF46gi
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://192.168.102.201:80/9qnE
Attributes
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; 360space)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
-
C:\Users\Admin\AppData\Local\Temp\734d9b21a1fe876178b3f4bca0be21474356a71fa379eb88876e56c63c506f8b.exe"C:\Users\Admin\AppData\Local\Temp\734d9b21a1fe876178b3f4bca0be21474356a71fa379eb88876e56c63c506f8b.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1440-0-0x0000000000020000-0x0000000000021000-memory.dmpFilesize
4KB
-
memory/1440-1-0x0000000000400000-0x000000000040C000-memory.dmpFilesize
48KB