Overview

overview

10

Static

static

3

d00857f9f1...18.exe

windows7-x64

10

d00857f9f1...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-09-2024 17:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d00857f9f1e95ac744f44a8bd538ddb9_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    d00857f9f1e95ac744f44a8bd538ddb9

  • SHA1

    931f8309d00b979a70e3cca6f067b99fd966938d

  • SHA256

    39c63ab37be950695b0c9e6d0ebf2d77e237d3fcd394d090fc0133b625e39917

  • SHA512

    d8098983c7dab3ad9d6da2be9f5ebaeda1893d7459864ad4bf2c144ce725d6526051da7f6885e964200eadeb7f6685b592b15890767776aa6dd1be83d0dbce98

  • SSDEEP

    24576:LzL9Kh/KDa2vASDKNr+JYcgX2ipV6GG76jpf6WU/3:LzZKh/KDa2oSDarogGkPRF0

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://openrssfeed.xyz:4433/SbEc

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\d00857f9f1e95ac744f44a8bd538ddb9_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\d00857f9f1e95ac744f44a8bd538ddb9_JaffaCakes118.exe"
    1⤵
      PID:4404

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4404-0-0x0000000026740000-0x0000000026741000-memory.dmp

      Filesize

      4KB

      Download