Analysis
max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
25-06-2024 13:22
Static task
static1
Behavioral task
behavioral1
Sample
c0da7ceacc200dfbd5c3140a7ef8bd9eaa201d1068b02c8b8cf3154dae7408fe.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c0da7ceacc200dfbd5c3140a7ef8bd9eaa201d1068b02c8b8cf3154dae7408fe.exe
Resource
win10v2004-20240508-en
General
Target
c0da7ceacc200dfbd5c3140a7ef8bd9eaa201d1068b02c8b8cf3154dae7408fe.exe
Size
19KB
MD5
226006105616c4908e31085550c2fbf9
SHA1
862bd8395108acc8fd27f5ab39fc1890dc4178c6
SHA256
c0da7ceacc200dfbd5c3140a7ef8bd9eaa201d1068b02c8b8cf3154dae7408fe
SHA512
e636777b2dc0a5349645e1808561c1fee735ae4ba95280f9c8e1b5ecf5318832778f95e6845a2c35c1a22196968b72eb29d7487ee71d7ea893e500a5b7e3914c
SSDEEP
192:wV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2yWF8qa1Dojjgi:SqaCF31cix+Dc4zjMFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.1.128:8023/n9oG
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.