cobaltstrike | ffc015fc7f0e6d7bfd5f4e9d146686514c1952875690c2e1f2db2e10bb1cbc11

Resubmissions

15/07/2024, 05:41

15/07/2024, 05:35

max time kernel
149s
max time network
149s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
15/07/2024, 05:35

Target

ffc015fc7f0e6d7bfd5f4e9d146686514c1952875690c2e1f2db2e10bb1cbc11.exe
Size

19KB
MD5

a8f0f12833457bd3d604fd6bb998a7f7
SHA1

5dbbf1ac06800cfb3b1ecfb43d37f9dd8fc8dcdd
SHA256

ffc015fc7f0e6d7bfd5f4e9d146686514c1952875690c2e1f2db2e10bb1cbc11
SHA512

d84e6133ab8a90c668ccecf9c89d0cf269adc1d43c4a629d0062ca18f1ff60709472d43147ef42e653cf3acbc8818ce8381dce25f151541ceb78cffe5f40edff
SSDEEP

192:GV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2y75C9muEWF8qa1Dojjgi:gqaCF31cix+Dc4zjb5bOFF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.75.128:80/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\ffc015fc7f0e6d7bfd5f4e9d146686514c1952875690c2e1f2db2e10bb1cbc11.exe
"C:\Users\Admin\AppData\Local\Temp\ffc015fc7f0e6d7bfd5f4e9d146686514c1952875690c2e1f2db2e10bb1cbc11.exe"
1⤵
PID:1984

memory/1984-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1984-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download