Analysis
max time kernel: 148s
max time network: 149s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 13-09-2024 10:07
Static task: static1
Behavioral task: behavioral1
Sample: be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096.exe
Resource: win10v2004-20240802-en
General
Target: be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096.exe
Size: 19KB
MD5: 112f3df394196d7b98e44550b6793cd4
SHA1: 1bc76955445a9aaacc735130b830002431263076
SHA256: be5dcf3f693ac4807fd5ec93946daa14e4e4d70dfd406e5e7fe15ce8c240b096
SHA512: c308866edc36cc712c903b499eca2432c3e22d8c0a7cc27bd0a5996a5301f4dd9b0d7e6c1d9cf1bd96e32ceeca10da08eb764a6faa50715116527d23c1af6a86
SSDEEP: 192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2p0WF8qa1Dojjgi:iqaCF31cix+Dc4zj0BFF46gi
Malware Config
Extracted
cobaltstrike
http://10.20.0.116:8020/ZbTM
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;SVSE)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.