Analysis
-
max time kernel
149s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system -
submitted
27-06-2024 03:35
Static task
static1
Behavioral task
behavioral1
Sample
5dfd0492813ee56773a5b20f2fda80090cb32e75c07c7211da9d26d9ad408e8f.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
5dfd0492813ee56773a5b20f2fda80090cb32e75c07c7211da9d26d9ad408e8f.exe
Resource
win10v2004-20240508-en
General
-
Target
5dfd0492813ee56773a5b20f2fda80090cb32e75c07c7211da9d26d9ad408e8f.exe
-
Size
19KB
-
MD5
cfb696669c267a83b0cf18837f0777eb
-
SHA1
d9aa7fa988cceeafa8e0058c0b3d0d3e39bc01c5
-
SHA256
5dfd0492813ee56773a5b20f2fda80090cb32e75c07c7211da9d26d9ad408e8f
-
SHA512
fc9c6bf0ac8a7bee636718cfd507e2b5914f39653c0ff72064540fafd20d596e773888bfd2a7ae8e8d7fc89eca6617c5b1252b854c1081e2f4a606ebc237956c
-
SSDEEP
192:YV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2pSiWF8qa1Dojjgi:KqaCF31cix+Dc4zjdbFF46gi
Malware Config
Extracted
cobaltstrike
http://103.179.243.198:8848/9Hht
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; Avant Browser)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.