Analysis
max time kernel: 148s
max time network: 150s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
submitted: 25-06-2024 13:24
Static task: static1
Behavioral task: behavioral1
Sample: 9ee10bd176c82335386bb9ef884a6ed977ccce6052a55e41d7ab33f4ff802ca0.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 9ee10bd176c82335386bb9ef884a6ed977ccce6052a55e41d7ab33f4ff802ca0.exe
Resource: win10v2004-20240508-en
General
Target: 9ee10bd176c82335386bb9ef884a6ed977ccce6052a55e41d7ab33f4ff802ca0.exe
Size: 19KB
MD5: d0da7e703901616dcc2a3439a6a13843
SHA1: e91c3d5433ea6ab26c9c8a32346c657c218072fc
SHA256: 9ee10bd176c82335386bb9ef884a6ed977ccce6052a55e41d7ab33f4ff802ca0
SHA512: 6e134069c3f4bf9e04a78d67a5101552e344160eeafe1c655b729839b95bf3c2317349d9e56bb6f75f81104d24360132aea951bf69014ce4dc019d23a2549485
SSDEEP: 192:KV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2To2LWF8qa1Dojjgi:kqaCF31cix+Dc4zjD7FF46gi
Malware Config
Extracted
cobaltstrike
http://159.75.104.157:8880/api/2
user_agent
Host: d8.lol User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.