Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-06-2024 14:46
Static task
static1
Behavioral task
behavioral1
Sample
30ed42c38ee7a28ec8b59f038b4eb8c7ffcc8c6c0be34b3a4314407249ce5418.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
30ed42c38ee7a28ec8b59f038b4eb8c7ffcc8c6c0be34b3a4314407249ce5418.exe
Resource
win10v2004-20240611-en
General
-
Target
30ed42c38ee7a28ec8b59f038b4eb8c7ffcc8c6c0be34b3a4314407249ce5418.exe
-
Size
19KB
-
MD5
48a829afbad98cdc8854c2e31917ca92
-
SHA1
e92f1368984bd93ab113ddb7341fd67d2dd8ee57
-
SHA256
30ed42c38ee7a28ec8b59f038b4eb8c7ffcc8c6c0be34b3a4314407249ce5418
-
SHA512
950f7e89271ec879ab99b6a7b958271cd39bacd97de0a21c60b3146fe89806e0448543a8bc7080d9241ec75f8ef412f1ac9739a1d4a94bbd742037422147e996
-
SSDEEP
192:9V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Ashj2TWF8qa1Dojjgi:vqaCF31cix+Dc4zjHijPFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.198.130:808/qP7e
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.