cobaltstrike | 5e12c3c7eb56b8012b8ddd27f67c730f51ae555c7f55862bafe267a8ecfd22fb

Analysis

max time kernel
94s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
12-09-2024 23:34

Target

5748ac49c510a6f44b70deb0d0b624d0N.exe
Size

59KB
MD5

5748ac49c510a6f44b70deb0d0b624d0
SHA1

0927b5ba09ecd47da0267129db9ba233c42e610b
SHA256

5e12c3c7eb56b8012b8ddd27f67c730f51ae555c7f55862bafe267a8ecfd22fb
SHA512

7bb07c3ff1e5b8768d64b5a8492223549474ce8ea4ffac99ea2141948f3d4de74067c02e04528039764b9d836eec6a642f4f07e08965492432a714fca03f46dc
SSDEEP

768:yhdfqt9PaM+OEU0ch0nt/snMAhHGXm5P0QhDXhG/:mfqtOOEU0ch0nt/gv5h0QhDY/

Score

10^/10

Family

cobaltstrike

http://1.92.124.144:2345/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\5748ac49c510a6f44b70deb0d0b624d0N.exe
"C:\Users\Admin\AppData\Local\Temp\5748ac49c510a6f44b70deb0d0b624d0N.exe"
1⤵
PID:2404

memory/2404-0-0x00007FF6F4E90000-0x00007FF6F4EA4000-memory.dmp

Filesize
80KB

Download