cobaltstrike | a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8

Analysis

max time kernel
94s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14-09-2024 14:06

Target

a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8.exe
Size

19KB
MD5

edb00e09ba749c47439eb5ed52ee8d41
SHA1

fc275f8b71d65a3068cf93e13630e7e1de92837e
SHA256

a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8
SHA512

55bae189f406c10a36391e85a34f02709d01321822345743b9b7350c467a08efadca9885a39f781a04e7ce06ac72ed232fa2ea738e3e75050b7b581f95568447
SSDEEP

192:WV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/23B4GWF8qa1Dojjgi:wqaCF31cix+Dc4zjTFF46gi

Score

10^/10

Family

cobaltstrike

http://47.250.189.43:4399/8nvA

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; FunWebProducts)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8.exe
"C:\Users\Admin\AppData\Local\Temp\a91eb6201915276d6c3281d480d7993bae453b40c26be4efb873c00d924fcaf8.exe"
1⤵
PID:3056

memory/3056-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/3056-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download