Analysis
max time kernel: 148s
max time network: 160s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 29/07/2024, 06:54
Static task: static1
Behavioral task: behavioral1
Sample: 13cd411c6ed34b1d22b9e5de97ab07c27fcfa092c8f1cd33ffc90cd9172da18a.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 13cd411c6ed34b1d22b9e5de97ab07c27fcfa092c8f1cd33ffc90cd9172da18a.exe
Resource: win10v2004-20240709-en
General
Target: 13cd411c6ed34b1d22b9e5de97ab07c27fcfa092c8f1cd33ffc90cd9172da18a.exe
Size: 19KB
MD5: 28c9bc6eb53bca31746eb97fe3a2cc28
SHA1: b6bc3789b57759f08d80075375cedd03c34e6517
SHA256: 13cd411c6ed34b1d22b9e5de97ab07c27fcfa092c8f1cd33ffc90cd9172da18a
SHA512: 45f42e6cb7323c699e02fea05b0245222c5448090475b26384e06cc7b1832765dedc8a01995dd487cc11335aabcb92ce3bfd3e473668cc008d41fd4a3746c61f
SSDEEP: 192:CV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2KUNeY48FWF8qa1Dojjgi:MqaCF31cix+Dc4zjMeYfoFF46gi
Malware Config
Extracted
cobaltstrike
http://101.43.103.253:8080/EMtW
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.