Analysis
-
max time kernel
147s -
max time network
151s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
14/09/2024, 14:06 UTC
Static task
static1
Behavioral task
behavioral1
Sample
e9302c70c7b19c8ecd1af5899613f447ef4c9a83e383472ddae098c9465d6a38.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e9302c70c7b19c8ecd1af5899613f447ef4c9a83e383472ddae098c9465d6a38.exe
Resource
win10v2004-20240802-en
General
-
Target
e9302c70c7b19c8ecd1af5899613f447ef4c9a83e383472ddae098c9465d6a38.exe
-
Size
576KB
-
MD5
ba94775b3423fdd4d5d3d9ec8209a637
-
SHA1
a7c70461aade54b54b6458634cd7d0c86ab5cc4f
-
SHA256
e9302c70c7b19c8ecd1af5899613f447ef4c9a83e383472ddae098c9465d6a38
-
SHA512
822de07a38a8c6bad491ebe10add02926f7d410a24d75b8b5d1954fdd351623da8efb4975fd240467467a176d300514e63a4652642303d21ce7830ad1d80183c
-
SSDEEP
12288:E9OrxVw6vt3UYPHKVwk3Ta77Hp0fWAUmBJmdluPvYFLTqop4:E9Wa6vtkuqPvYFLTqop4
Malware Config
Extracted
cobaltstrike
http://10.110.102.24:5555/Iht8
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
Network
- No results found
-
152 B 3
-
152 B 3
-
152 B 3
-
152 B 3
-
152 B 3
-
152 B 3
-
152 B 3
-
52 B 1