Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system -
submitted
25-07-2024 01:33
Static task
static1
Behavioral task
behavioral1
Sample
LisectAVT_2403002B_494.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
LisectAVT_2403002B_494.exe
Resource
win10v2004-20240709-en
General
-
Target
LisectAVT_2403002B_494.exe
-
Size
1008KB
-
MD5
f893968157e25f7814c698a69bc31a85
-
SHA1
ed9e4fcf56bfb3496343488b6c0230d6fef6769c
-
SHA256
f179be6e851172ca981ce2e7054ba1927f9e5a0a5fbf860acb0a83066a54f5e9
-
SHA512
3fc2694e2df6fed95ef78b177bf85a033c1345f8fae705a388d17ef640bb5557da9d85eba146942f341e26f4758aec537930c6cd6224e6bdba5064a3f690f0bf
-
SSDEEP
12288:kc+RDX7kcf6t98dZdX5oOt2FFAdU9zzB5Fa7Jz9tckjsXaW:kt97kcf6tU5a9B675fcGS
Malware Config
Extracted
cobaltstrike
http://103.47.82.210:80/1fZl
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; NP07; NP07)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.