Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system -
submitted
30/07/2024, 01:28
Static task
static1
Behavioral task
behavioral1
Sample
404e2d1ab02f9417ee86015cd5afa375e246832923815f26d732a16fc31ee45d.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
404e2d1ab02f9417ee86015cd5afa375e246832923815f26d732a16fc31ee45d.exe
Resource
win10v2004-20240709-en
General
-
Target
404e2d1ab02f9417ee86015cd5afa375e246832923815f26d732a16fc31ee45d.exe
-
Size
19KB
-
MD5
5ed70ae0dd18da42b2637da12b922c8b
-
SHA1
0dfd5712de7af6475f69fc336c90833aa3c8478e
-
SHA256
404e2d1ab02f9417ee86015cd5afa375e246832923815f26d732a16fc31ee45d
-
SHA512
b1b51ec3f447486b66d65b2072c54720bbe8fa85e40afdb71bf7a6aedbfc888cdf143dbd3b971b4bc387fa2733a8eb506e58050f6c1d45f0733cf5d2b90b03ee
-
SSDEEP
192:CV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20tPWF8qa1Dojjgi:MqaCF31cix+Dc4zj9tuFF46gi
Malware Config
Extracted
cobaltstrike
http://119.45.38.62:80/fUOS
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0; Touch)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.