Analysis
-
max time kernel
148s -
max time network
148s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
25-06-2024 14:20
Static task
static1
Behavioral task
behavioral1
Sample
124a5074c29f773f00a5209d6c54abf1d65bbe709881305b5213eb8320c99ff1.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
124a5074c29f773f00a5209d6c54abf1d65bbe709881305b5213eb8320c99ff1.exe
Resource
win10v2004-20240508-en
General
-
Target
124a5074c29f773f00a5209d6c54abf1d65bbe709881305b5213eb8320c99ff1.exe
-
Size
1.3MB
-
MD5
4f6ce362912747a5c5330eceb076840d
-
SHA1
e076e14629f675104e10ce0da598a1ba2734e765
-
SHA256
124a5074c29f773f00a5209d6c54abf1d65bbe709881305b5213eb8320c99ff1
-
SHA512
297705f911571f16928275c488fbb23ad05d3bd2cc0f41ab23c7c43d1efad11baf1dbe062c6a7dd1a8003f350737b6669c5feeb5ee6d7911c41c08f5abbda187
-
SSDEEP
24576:7mungKW+FmVq+TslSUwD7xRTw/QgYg14q5v40qJExb1:7A+FmVqpS1nELYg1V/xb1
Malware Config
Extracted
cobaltstrike
http://172.93.42.207:7443/_/jquery-3.7.1.min.js
-
user_agent
Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.