Analysis
max time kernel: 148s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25-07-2024 01:45
Static task: static1
Behavioral task: behavioral1
Sample: LisectAVT_2403002C_176.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: LisectAVT_2403002C_176.exe
Resource: win10v2004-20240709-en
General
Target: LisectAVT_2403002C_176.exe
Size: 19KB
MD5: 609a321fff46937d58f6efa63e792964
SHA1: 44164b79e966b00be11322e85fafd90f1cb75dbc
SHA256: 87a54f63e0318610126ec4df990c7aef55caca7a2547d45dd842fea30c31b1d6
SHA512: 5170d653003e83521a67274236ca834134009a62e7af84888caf7c82b702d2addb1808a76a242c47ed41639b15e758ce64b0ff17d896092342b333bb66548f18
SSDEEP: 192:aV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2pPzTf2WF8qa1Dojjgi:0qaCF31cix+Dc4zjMTvFF46gi
Malware Config
Extracted
cobaltstrike
http://38.12.0.151:8888/dhNC
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.