Analysis
max time kernel: 148s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 24-06-2024 14:43
Static task: static1
Behavioral task: behavioral1
Sample: d171d408045121110c8bdace9b77d7fdefa5313e6bbaf1d920cffa561fe504bb.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: d171d408045121110c8bdace9b77d7fdefa5313e6bbaf1d920cffa561fe504bb.exe
Resource: win10v2004-20240611-en
General
Target: d171d408045121110c8bdace9b77d7fdefa5313e6bbaf1d920cffa561fe504bb.exe
Size: 19KB
MD5: a0d0f32706571fe0654b54747e94250a
SHA1: e479bc315b246f347f7f22f3d852e92cf6352e41
SHA256: d171d408045121110c8bdace9b77d7fdefa5313e6bbaf1d920cffa561fe504bb
SHA512: 09a7269b35c8af4c2d276d4ff9f570a8e3c1267fd576ea1b72f48a431c30a1caa92133f1ef15800f9fd67ca837f1724807f07f1ac182daeef62bf3cc63da2931
SSDEEP: 192:JV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2lGHPWF8qa1Dojjgi:rqaCF31cix+Dc4zjAFF46gi
Malware Config
Extracted
cobaltstrike
http://101.200.138.190:12345/MYSd
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; FunWebProducts)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.