cobaltstrike | 7975bb69cf9a5f290971a5811b510254531e0c6065396ab5ad48a684b1a8cd66

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
26-07-2024 10:24

Target

2024-07-26_06d8a35086592fdbb569985d0ae0d606_snatch.exe
Size

2.8MB
MD5

06d8a35086592fdbb569985d0ae0d606
SHA1

b54adaf0e1db2e2d1b67bb80ad8bfb6e69f9436d
SHA256

7975bb69cf9a5f290971a5811b510254531e0c6065396ab5ad48a684b1a8cd66
SHA512

0af7546b5fbff81d013429d8e72076a7bcc16f9cfbd7f8d5d04a951f724c300b0fad5df8004344e3c212e981965f4985ed78b72dfac0b594f385f605a8293532
SSDEEP

49152:X6xME2f5y9KCOi5+Ceg5oz/zQIM74D1OVD1SjR9N5O6X/5NIoQthX:4yCsDe/R2Ta6Pgz

Score

10^/10

Family

cobaltstrike

http://service-kaic9luv-1307760246.sh.apigw.tencentcs.com:443/bootstrap-2.min.js

Attributes

user_agent
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\2024-07-26_06d8a35086592fdbb569985d0ae0d606_snatch.exe
"C:\Users\Admin\AppData\Local\Temp\2024-07-26_06d8a35086592fdbb569985d0ae0d606_snatch.exe"
1⤵
PID:4600

memory/4600-0-0x00000296C2180000-0x00000296C2181000-memory.dmp

Filesize
4KB

Download