Analysis
max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags
arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted
25-06-2024 13:24
Static task
static1
Behavioral task
behavioral1
Sample
e10eaaa055f9b27be16ac652c44934f85ecad0f0d2b40ca04291343141531501.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
e10eaaa055f9b27be16ac652c44934f85ecad0f0d2b40ca04291343141531501.exe
Resource
win10v2004-20240611-en
General
Target
e10eaaa055f9b27be16ac652c44934f85ecad0f0d2b40ca04291343141531501.exe
Size
19KB
MD5
267be891c710a6e8f9cc778c6e079302
SHA1
401402d1f414831210b9deb7abb60143046d9823
SHA256
e10eaaa055f9b27be16ac652c44934f85ecad0f0d2b40ca04291343141531501
SHA512
fa88832530c3039327fe92d5f4a15762f2edea6686f89912743ca30bdcf853fbd3fe2d9538c8abefea95626269ce4bb27988d13204af2936edf191b53033e9a7
SSDEEP
192:DV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2XsjlWF8qa1Dojjgi:tqaCF31cix+Dc4zjwvFF46gi
Malware Config
Extracted
cobaltstrike
http://116.204.24.189:8888/2Qnl
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.