Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
27-06-2024 14:25
Static task
static1
Behavioral task
behavioral1
Sample
8721aec783b1ceaeb1c0e89363ed5ec1b4851f49ed5ebf4014395a4984bd075e.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
8721aec783b1ceaeb1c0e89363ed5ec1b4851f49ed5ebf4014395a4984bd075e.exe
Resource
win10v2004-20240611-en
General
-
Target
8721aec783b1ceaeb1c0e89363ed5ec1b4851f49ed5ebf4014395a4984bd075e.exe
-
Size
19KB
-
MD5
4fa9f02ab09abc55e51eb5d45c873d1d
-
SHA1
08c599e42f4e9f308d9f5bcff79cecbb2e099f71
-
SHA256
8721aec783b1ceaeb1c0e89363ed5ec1b4851f49ed5ebf4014395a4984bd075e
-
SHA512
ec819f43adaf996fc5c67e4481bba258680b019c11682fdd4f021e8268d22e1056a6d46ba900723d45c48882d757136bd04a1abf3b12f47b9c75c8afb45b56a9
-
SSDEEP
192:ZV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2kf+XMO3WF8qa1Dojjgi:7qaCF31cix+Dc4zjzfsrGFF46gi
Malware Config
Extracted
cobaltstrike
http://45.156.24.8:44307/vf5L
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; FunWebProducts)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.