e903253b73d3e43e98088dce800bd5fb75c9b2786153c6d0150080c1d002bbb3 | Triage

Submit
Reports

Overview

overview

Static

static

sample.zip

windows7-x64

1

sample.zip

windows10-2004-x64

1

temp/1.c

windows7-x64

3

temp/1.c

windows10-2004-x64

3

temp/1.exe

windows7-x64

temp/1.exe

windows10-2004-x64

temp/123

ubuntu-24.04-amd64

1

temp/CS4.9/CS.lnk

windows7-x64

3

temp/CS4.9/CS.lnk

windows10-2004-x64

3

temp/CS4.9...ke.bat

windows7-x64

1

temp/CS4.9...ke.bat

windows10-2004-x64

1

temp/CS4.9...at.lnk

windows7-x64

6

temp/CS4.9...at.lnk

windows10-2004-x64

7

temp/CS4.9...ke.vbs

windows7-x64

1

temp/CS4.9...ke.vbs

windows10-2004-x64

7

temp/CS4.9...bs.lnk

windows7-x64

3

temp/CS4.9...bs.lnk

windows10-2004-x64

7

temp/CS4.9...rImage

ubuntu-22.04-amd64

4

temp/CS4.9/c2lint

ubuntu-18.04-amd64

1

temp/CS4.9/c2lint

debian-9-armhf

1

temp/CS4.9/c2lint

debian-9-mips

temp/CS4.9/c2lint

debian-9-mipsel

1

temp/CS4.9...nt.jar

windows7-x64

1

temp/CS4.9...nt.jar

windows10-2004-x64

1

temp/CS4.9/uHook.jar

windows7-x64

1

temp/CS4.9/uHook.jar

windows10-2004-x64

1

temp/CS4.9...78.zip

windows7-x64

1

temp/CS4.9...78.zip

windows10-2004-x64

1

WiFi驱动...��.exe

windows7-x64

1

WiFi驱动...��.exe

windows10-2004-x64

temp/CS4.9...Fi.exe

windows7-x64

1

temp/CS4.9...Fi.exe

windows10-2004-x64

Analysis

max time kernel
90s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
09-09-2024 11:13

Sharing

Static task

static1

cobaltstrike metasploit

5 signatures

Behavioral task

behavioral1

Sample

sample.zip

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

sample.zip

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

temp/1.c

Resource

win7-20240708-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

temp/1.c

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

temp/1.exe

Resource

win7-20240708-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

temp/1.exe

Resource

win10v2004-20240802-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

temp/123

Resource

ubuntu2404-amd64-20240523-en

ubuntu-24.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

temp/CS4.9/CS.lnk

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

temp/CS4.9/CS.lnk

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

temp/CS4.9/Cobalt_Strike.bat

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

temp/CS4.9/Cobalt_Strike.bat

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

temp/CS4.9/Cobalt_Strike.bat.lnk

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral13

Sample

temp/CS4.9/Cobalt_Strike.bat.lnk

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral14

Sample

temp/CS4.9/Cobalt_Strike.vbs

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

temp/CS4.9/Cobalt_Strike.vbs

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral16

Sample

temp/CS4.9/Cobalt_Strike.vbs.lnk

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

temp/CS4.9/Cobalt_Strike.vbs.lnk

Resource

win10v2004-20240802-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral18

Sample

temp/CS4.9/TeamServerImage

Resource

ubuntu2204-amd64-20240729-en

ubuntu-22.04-amd64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

temp/CS4.9/c2lint

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

temp/CS4.9/c2lint

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

temp/CS4.9/c2lint

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

temp/CS4.9/c2lint

Resource

debian9-mipsel-20240729-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

temp/CS4.9/cobaltstrike-client.jar

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

temp/CS4.9/cobaltstrike-client.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

temp/CS4.9/uHook.jar

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

temp/CS4.9/uHook.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

temp/CS4.9/uploads/CVE-2024-30078.zip

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

temp/CS4.9/uploads/CVE-2024-30078.zip

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

WiFi驱动高危漏洞补丁.exe

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

WiFi驱动高危漏洞补丁.exe

Resource

win10v2004-20240802-en

cobaltstrike backdoor trojan

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

temp/CS4.9/uploads/WiFi.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

temp/CS4.9/uploads/WiFi.exe

Resource

win10v2004-20240802-en

cobaltstrike backdoor trojan

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

sample.zip
Size

164.6MB
MD5

9184f812e7551c188005d99e431d3684
SHA1

4f2ca58cd4ca6d012df7f7bfeb5769e4418f63eb
SHA256

e903253b73d3e43e98088dce800bd5fb75c9b2786153c6d0150080c1d002bbb3
SHA512

80c7c2878edba585b63f745e9d7924f3fd0ab72fd3d6a42c348affbced42152b76b0f20ab26ffa9e91b529387a721b00d217e67e43bd74b44e0d60b967c45e96
SSDEEP

3145728:7IJo8sA8wiVpfcFSeiMl00hjqN6M/QChLy5zSrbgpljrPIxPLzqJedD+DC3mb:OoTAUpc4eiruo5DUpl3PoeiyDC36

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\sample.zip
1⤵
PID:4564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy