cobaltstrike | 4e098ca8de5cb452f1619137da30e1de2fc78344d0b93c551b5409c337603996

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
13-09-2024 18:37

Target

4e098ca8de5cb452f1619137da30e1de2fc78344d0b93c551b5409c337603996.exe
Size

19KB
MD5

2e146ddd0f1efd88d69751076dd63f45
SHA1

195ebd91a1c92f63956ef94be6b267b06344cba3
SHA256

4e098ca8de5cb452f1619137da30e1de2fc78344d0b93c551b5409c337603996
SHA512

9563066366dae970c5de4f4ce44b8597261482dd9b4e5e7d10965e3f9bab0dfc45f63451ea4fb08e165b865641659f205b0188065344e9c765838d9228e0b6f5
SSDEEP

192:DV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2DiCAqbKWF8qa1Dojjgi:tqaCF31cix+Dc4zj2Aq/FF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.41.128:8899/I7xe

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; NP06)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\4e098ca8de5cb452f1619137da30e1de2fc78344d0b93c551b5409c337603996.exe
"C:\Users\Admin\AppData\Local\Temp\4e098ca8de5cb452f1619137da30e1de2fc78344d0b93c551b5409c337603996.exe"
1⤵
PID:4964

memory/4964-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/4964-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download