cobaltstrike | 7890687456618adfbc87c2ff36e360117048dd026632d09b0500d5a03056428e

Analysis

max time kernel
141s
max time network
140s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
11-09-2024 11:18

Target

7890687456618adfbc87c2ff36e360117048dd026632d09b0500d5a03056428e.exe
Size

19KB
MD5

da44dcba25088fd45031cc1dee7a7060
SHA1

73a0751f57c53fbd71a2f24d28174665c770298b
SHA256

7890687456618adfbc87c2ff36e360117048dd026632d09b0500d5a03056428e
SHA512

fb1370f71ea6deaab6433903c312382814c4e10f6a588b31f0fa2b4d1c2b1d8a23da5417826e262ff13583d894cc4beb93ed1a73d964f61dff93f61151519b05
SSDEEP

192:KV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2gi3C11fHdWF8qa1Dojjgi:kqaCF31cix+Dc4zjffLHQFF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.150.128:80/9Fhv

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/5.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\7890687456618adfbc87c2ff36e360117048dd026632d09b0500d5a03056428e.exe
"C:\Users\Admin\AppData\Local\Temp\7890687456618adfbc87c2ff36e360117048dd026632d09b0500d5a03056428e.exe"
1⤵
PID:2080

memory/2080-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2080-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download