Analysis

  • max time kernel
    140s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/09/2024, 14:12 UTC

General

  • Target

    835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe

  • Size

    578KB

  • MD5

    9f72e5bef527a4547581b04a6f75ee02

  • SHA1

    011e2cb44654c974e250b416aea35218bb506a0f

  • SHA256

    835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448

  • SHA512

    2535b4f1629db15ab47af4ebc640699dde5f32b89e9b010adddf2dbdde6e32ddf058d0caefb8911b1105140263ecdac760193ee82975ea120690c3476abd6d1e

  • SSDEEP

    12288:zarMyqsDbt/OLH0Zywk3Ta77Hp0fWAUmBmmNtlFvYFLCqoJO:zXqDbt30hFvYFLCqoJO

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.110.102.24:5555/Iht8

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
    "C:\Users\Admin\AppData\Local\Temp\835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe"
      PID:1252

    Network

    • 10.110.102.24:5555
      835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
      152 B
      3
    • 10.110.102.24:5555
      835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
      152 B
      3
    • 10.110.102.24:5555
      835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
      152 B
      3
    • 10.110.102.24:5555
      835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
      152 B
      3
    • 10.110.102.24:5555
      835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
      152 B
      3
    • 10.110.102.24:5555
      835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
      152 B
      3
    • 10.110.102.24:5555
      835c07f54e915980bef6f9a1e4d17224e71ee6dae7f524de417e6881a0295448.exe
      152 B
      3

    Downloads

    • memory/1252-0-0x0000000000020000-0x0000000000021000-memory.dmp

      Filesize

      4KB

    • memory/1252-1-0x000000013F7A0000-0x000000013F82B000-memory.dmp

      Filesize

      556KB

    • memory/1252-2-0x000000013F7A0000-0x000000013F82B000-memory.dmp

      Filesize

      556KB
