Analysis
max time kernel: 141s
max time network: 123s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
submitted: 25-07-2024 01:45
Static task: static1
Behavioral task: behavioral1
Sample: LisectAVT_2403002C_179.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: LisectAVT_2403002C_179.exe
Resource: win10v2004-20240709-en
General
Target: LisectAVT_2403002C_179.exe
Size: 19KB
MD5: f75b0a9c017f6b49cdea342e83c10acd
SHA1: e7e9820ad78c86dd65f5a4bfc4adbada7549f053
SHA256: d0ea156b9079bcc3598f5ec8dfec6d579c9a625606154e1be4a1b1ce570bfbf6
SHA512: 1ae08b2e83ece9e2f6eaad5ca4be45b230096ea4e6d5ba8c1a4d96e17a889db7ecc16c7c7ced6b9501338ed24d1a835d27a8febadfbb7707fd9ba8b982126a7f
SSDEEP: 192:DV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2uIxUls7LZqWF8qa1Dojjgi:tqaCF31cix+Dc4zj1AFzFF46gi
Malware Config
Extracted (cobaltstrike): http://5.34.205.152:80/SlDZ
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.