Analysis
max time kernel: 148s
max time network: 149s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 27-06-2024 14:28
Static task: static1
Behavioral task: behavioral1
Sample: 4092fb8c1deeaee4639ac198f8af25450974bf7649ecf6477e76e46d2ca44adb.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 4092fb8c1deeaee4639ac198f8af25450974bf7649ecf6477e76e46d2ca44adb.exe
Resource: win10v2004-20240508-en
General
Target: 4092fb8c1deeaee4639ac198f8af25450974bf7649ecf6477e76e46d2ca44adb.exe
Size: 19KB
MD5: a65e89ead0ba381e4f2fc9a0d83a1b64
SHA1: 0688bd423b0ba77d5a9cf4325eb83463e91a3a7f
SHA256: 4092fb8c1deeaee4639ac198f8af25450974bf7649ecf6477e76e46d2ca44adb
SHA512: 99d3d9efc4b51de0305e5a5725cc9b13a23cfa59944cfb4fc6741dc8f2f7e996e3f30fd1936a3f835749e8287bd83b45bdbfa76962dce2f5addcf2d622e9d47f
SSDEEP: 192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2a2EDW38WF8qa1Dojjgi:3qaCF31cix+Dc4zji5FF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.216.128:80/IiiB
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; 360space)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.