Analysis
max time kernel: 148s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25-07-2024 01:45
Static task: static1
Behavioral task: behavioral1
Sample: LisectAVT_2403002C_175.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: LisectAVT_2403002C_175.exe
Resource: win10v2004-20240709-en
General
Target: LisectAVT_2403002C_175.exe
Size: 19KB
MD5: b285a8fc54bb40e5ffe68f93ffe9a2c6
SHA1: 647d45abb8572bb35cc1beb750607c5d6e5a73ba
SHA256: 2d1ebdca169932f877c5e88c794eb97e220002c8bb531e7587ac06dff129fc32
SHA512: 29f98986c7418c5100c635e8b0acdb6dede54b3d64a8fecbe1229771642fd296fcf1e561dc7d99da18c33e3ffbbd54be54dd35f344e14b80452e27de3e93e0cd
SSDEEP: 192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2LjN/GcjWF8qa1Dojjgi:HqaCF31cix+Dc4zjIyFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.50.141:8088/jw2J
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.