Analysis
max time kernel
140s
max time network
142s
platform
windows7_x64
resource
win7-20240704-en
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
submitted
25-07-2024 01:45
Static task
static1
Behavioral task
behavioral1
Sample
LisectAVT_2403002C_178.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
LisectAVT_2403002C_178.exe
Resource
win10v2004-20240709-en
General
Target
LisectAVT_2403002C_178.exe
Size
19KB
MD5
0f14de87602eb0ef7f5e5dfaab5a152f
SHA1
c145b3af3f129d86b292c2f650830077f24eb348
SHA256
ae4dcd24be60dbdaa920b2e11a78a01b38ee59f4500030f8156e2d1ffac8cf38
SHA512
2445527e608607091b7a291560abf3211a111cafa881f76debc36fe7c30263554656cca288a29b09138cc988263ab2c8ebf9fafaf91ab0caa735781df47b54df
SSDEEP
192:aV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/29/6fbrWF8qa1Dojjgi:0qaCF31cix+Dc4zj+62FF46gi
Malware Config
Extracted
cobaltstrike
http://172.18.0.1:80/4qJn
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; .NET CLR 2.0.50727)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.