Analysis
max time kernel: 148s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25-07-2024 01:45
Static task: static1
Behavioral task: behavioral1
Sample: LisectAVT_2403002C_177.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: LisectAVT_2403002C_177.exe
Resource: win10v2004-20240709-en
General
Target: LisectAVT_2403002C_177.exe
Size: 19KB
MD5: 6a7f97a10830becd43d156b9a03ae589
SHA1: 1964db2ad9fdd19ebc6698156ca487fcbc26218b
SHA256: 276c5328f1cbf6e24c50cc3ddac299b4ea8b569d8e91c3ae4c6f61362236d46b
SHA512: 87087be3670fa782faf993ff9af8b01c1e3f57448c70dae478b3adff702ced0b0158d356170af294873b664a1ad989818bf3914273fce7043e37cb2ead9479f5
SSDEEP: 192:lV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/27gayerOWF8qa1Dojjgi:HqaCF31cix+Dc4zjIDbFF46gi
Malware Config
Extracted
cobaltstrike
http://120.48.5.80:7421/rN4i
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATP; MATP)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.