cobaltstrike | eab55047f37c9a77ef850b668a3e39241757b9f9f5f5a37e8e684d1a0edd717a

Analysis

max time kernel
112s
max time network
116s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
21-07-2024 06:34

Target

7de77680e176b7beac3ba09dc08b2410N.exe
Size

17KB
MD5

7de77680e176b7beac3ba09dc08b2410
SHA1

12c63c50a7529537ba4644d8a1ad9183b8b53971
SHA256

eab55047f37c9a77ef850b668a3e39241757b9f9f5f5a37e8e684d1a0edd717a
SHA512

bed590c84a9fe244c084606ccd50ce063f6059d1d3126fd449b55e917f06956a1b8a534bdd764e5d6026a6a3f9b589e7fd30fb02980d9da2817181314eb60672
SSDEEP

192:aWA0TJAPyjLHY219R8C6wtQbYu2KmbxQ2C04kvWgepEt2EGmVHgI7j6EUbOD6kxB:DA0TJASPp6p/D43FvWgepa736IAY

Score

10^/10

Family

cobaltstrike

http://39.96.33.178:1111/Xk2h

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\7de77680e176b7beac3ba09dc08b2410N.exe
"C:\Users\Admin\AppData\Local\Temp\7de77680e176b7beac3ba09dc08b2410N.exe"
1⤵
PID:2772

memory/2772-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2772-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download