Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/09/2024, 14:06 UTC

General

  • Target

    a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8.exe

  • Size

    19KB

  • MD5

    edb00e09ba749c47439eb5ed52ee8d41

  • SHA1

    fc275f8b71d65a3068cf93e13630e7e1de92837e

  • SHA256

    a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8

  • SHA512

    55bae189f406c10a36391e85a34f02709d01321822345743b9b7350c467a08efadca9885a39f781a04e7ce06ac72ed232fa2ea738e3e75050b7b581f95568447

  • SSDEEP

    192:WV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/23B4GWF8qa1Dojjgi:wqaCF31cix+Dc4zjTFF46gi

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.250.189.43:4399/8nvA

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; FunWebProducts)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8.exe
    "C:\Users\Admin\AppData\Local\Temp\a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8.exe"
    PID: 2956

    Network

    • 47.250.189.43:4399
      a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8.exe
      152 B
      120 B
      3
      3

    MITRE ATT&CK Matrix


    Downloads

    • memory/2956-0-0x0000000000020000-0x0000000000021000-memory.dmp

      Filesize

      4KB

    • memory/2956-1-0x0000000000400000-0x000000000040C000-memory.dmp

      Filesize

      48KB
