Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-06-2024 14:46
Static task
static1
Behavioral task
behavioral1
Sample
324b1de2a7336207c4ea86c2d5e1a1cc6bd2e275eda37f537302fcd2e40fb0a9.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
324b1de2a7336207c4ea86c2d5e1a1cc6bd2e275eda37f537302fcd2e40fb0a9.exe
Resource
win10v2004-20240508-en
General
-
Target
324b1de2a7336207c4ea86c2d5e1a1cc6bd2e275eda37f537302fcd2e40fb0a9.exe
-
Size
41KB
-
MD5
8e756cac972dd03e8242edfe8f2ae10e
-
SHA1
4d589ced6a5c45cba089f0b0eb6909990f52f2c1
-
SHA256
324b1de2a7336207c4ea86c2d5e1a1cc6bd2e275eda37f537302fcd2e40fb0a9
-
SHA512
e244286a9cea80be120e7d23506ec0d41f6d42f058db50b89606bd4c9398fdb0c91b38760dada245b9ba4dca6c8af58b3ee86725c49a7c79741f17284b6d6d47
-
SSDEEP
768:WJBOZpWVJUNNua3RsFTcuvwpw49G7DetPG3VsHFJQUdW:/QJUjua3y9wS49G7S+EQUd
Malware Config
Extracted
cobaltstrike
http://www.yyyol.xyz:443/2/events/com.amazon.csm.csa.prod
-
user_agent
Host: www.yyyol.xyz Accept: */* Accept-Language: en-US,en;q=0.5 Connection: close User-Agent: Mozilla/5.0 (Windows NT 5.0; rv:21.0) Gecko/20100101 Firefox/21.0
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.