Analysis
-
max time kernel
136s -
max time network
143s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
30/07/2024, 03:55
Static task
static1
Behavioral task
behavioral1
Sample
四川恒玖机械有限公司-关于上海飞机客户服务有限公司成都维修基地叉车项目的询问书.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
四川恒玖机械有限公司-关于上海飞机客户服务有限公司成都维修基地叉车项目的询问书.exe
Resource
win10v2004-20240709-en
General
-
Target
四川恒玖机械有限公司-关于上海飞机客户服务有限公司成都维修基地叉车项目的询问书.exe
-
Size
160KB
-
MD5
85f59da39a2ce6dd7305eb6df689bbe4
-
SHA1
caec49295c3025b0cd9343bdd8a9f4c25f9c3a9d
-
SHA256
375bfc54fbef882da47e2f22d629e894fd0254411a87ea720de79e10074ca229
-
SHA512
603992c47bee81dab6cb756986883f0a14ccb7f27dd84067ff1d456967675cea2f69b57870c896c22e0cca1c70a269524c6ee9ca7a28f0743e9922b50136275f
-
SSDEEP
1536:C7WMqfyjNB19grIyITiOmyu896kvbDv689Wjfc5zjv+1kylhNR:EW7fyjL19xm496kTj9+c5z7+plbR
Malware Config
Extracted
cobaltstrike
http://49.232.175.74:443/res/js/jquery-3.6.2.slim.min.js
-
user_agent
Accept: */* Content-Language: de-DE, en-CA User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.