Analysis
-
max time kernel
140s -
max time network
139s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system -
submitted
12-08-2024 10:37
Static task
static1
Behavioral task
behavioral1
Sample
ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a.exe
Resource
win10v2004-20240802-en
General
-
Target
ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a.exe
-
Size
124KB
-
MD5
e5d5bc6895f8cfe9f7dbef3ee887db24
-
SHA1
e6578ce3eb8d90c0fe8fed7ab2bc53ccb71b6e33
-
SHA256
ec62301a4f58ed7128676dea579a6ed79e1385f872a51f56fc855bbbd5ceae5a
-
SHA512
c8c26746fd8b1150ae264a9476f2cafcfb4be58e0837805d3415a54c6aedb759339929b4c1a50dc1ec75865eead0d47aab927e6ed55cb59d3c2a5b8bb8509d90
-
SSDEEP
3072:kYMUKyusCB66w9qLPrNVp+FllLXkfCwCHzvBIYIKOAIWUU:BsB9w9qjr4zHTBOjU
Malware Config
Extracted
cobaltstrike
http://118.178.229.180:8081/i2qQ
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MAGWJS)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.