Overview

overview

7

Static

static

3

2024-09-01...rd.exe

windows7-x64

7

2024-09-01...rd.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    01/09/2024, 22:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-09-01_27f4b1757e59b4e0f82666ac1e2a709a_cobalt-strike_megazord.exe

  • Size

    11.6MB

  • MD5

    27f4b1757e59b4e0f82666ac1e2a709a

  • SHA1

    57bf99d99aaf44fca57bdcb4d22ec96b3a4e6ecf

  • SHA256

    2f81788e3c1daf3d28ec6173534e93433c193945569114f1248dca4b66de831d

  • SHA512

    6e4249e3918de0467c4e11bed563a8ed95fceaa2b9765987815bd7f41f22954fa9505149f526b4f9fdd5d2921fdf5d6a98d1bc0244ca266da82b6943e3c8041b

  • SSDEEP

    98304:of66uJMjg6iIW4bhqa+Uf/fRmrsTGC0jVazlDEpk/E3zA2:Y66uJaZU4bQP8f4rsTGDjVuDEpkM3zj

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-09-01_27f4b1757e59b4e0f82666ac1e2a709a_cobalt-strike_megazord.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-09-01_27f4b1757e59b4e0f82666ac1e2a709a_cobalt-strike_megazord.exe"
    1⤵
    • Loads dropped DLL
    PID:2264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\.net\2024-09-01_27f4b1757e59b4e0f82666ac1e2a709a_cobalt-strike_megazord\SJ6WvX1novaHcmpV33TkYu9uHJyHdRs=\Shellcode.dll
    Filesize

    7KB

    MD5

    7262fe15a304b2dfff2ba1d5a3274d1b

    SHA1

    66bb3c476094179bac9c2b429bae3a1e53a2934d

    SHA256

    e3c1fb3db21eb4bc423d80408a2eec5b052e9d5f392f734e4934d03957eeb0e1

    SHA512

    47acd290acd1b256174ead2aafb5a70ee2b34c41dc780acd4b31375d13fbed070a96af3f26042fa027c71e02e71afd05de59afb0026e340cdd14a6c87e749c7d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\.net\2024-09-01_27f4b1757e59b4e0f82666ac1e2a709a_cobalt-strike_megazord\SJ6WvX1novaHcmpV33TkYu9uHJyHdRs=\System.Private.CoreLib.dll
    Filesize

    2.1MB

    MD5

    42a046c5324e5d9f014b7763fda7bb72

    SHA1

    a562b622d111e0bf7baf89a43a145925429ab0c1

    SHA256

    f8ee18b308186f973d1e04d2f85cea6ec9c2702a2357d140c3c16d27e5fa740d

    SHA512

    a3529ca0861743993ef9fae40b8e413ac5a4dda5b21427cf6410f434403a70896c35aa49939be3c83971bb74527f3e422faabf092260bd5b75c6e8267a4d6712

    Download Submit

  • \Users\Admin\AppData\Local\Temp\.net\2024-09-01_27f4b1757e59b4e0f82666ac1e2a709a_cobalt-strike_megazord\SJ6WvX1novaHcmpV33TkYu9uHJyHdRs=\System.Security.Cryptography.dll
    Filesize

    77KB

    MD5

    23c20fcffe8082bfc81022f6222fa720

    SHA1

    87793c62c53bc41e99f179094b3c1bc64481b4a1

    SHA256

    398a73d51fc1d4adc04dae6ee93ee7309193f2583cd102cb98cf370e78ec9989

    SHA512

    97f2a947fb74e4c0523d5f4c78e1484a9e94bb9949a6fa828a4c1e6718aefa56f919b2aad2984fff5d1aca82d794fa417f934964c0af6884a501b088dfea6bce

    Download Submit

  • memory/2264-12-0x000000014057D000-0x000000014057E000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2264-17-0x00000000002D0000-0x00000000002D1000-memory.dmp

    Filesize

    4KB

    Download