cobaltstrike | c82bc5adcc85cc3bfcddd47107517688626ab845fa2a1e21f780cab8aa4a8f88

Analysis

max time kernel
131s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14-09-2024 20:24

Target

c82bc5adcc85cc3bfcddd47107517688626ab845fa2a1e21f780cab8aa4a8f88.exe
Size

148KB
MD5

a5484e12cc924f21a9e113916b10f543
SHA1

31a97af056c3c8f339e2f01d1b940dce6ed31ee9
SHA256

c82bc5adcc85cc3bfcddd47107517688626ab845fa2a1e21f780cab8aa4a8f88
SHA512

9e2089341f20f16ad42527b650deda034f2cb3b2ad1a1ad9924c716407ffb191494c830fb48cbcbef87d4f60c178e1cc88a11c1e75999e24a2e31411e35dc29f
SSDEEP

1536:UoveAX56dIB/4ZW9ow4uTxoRzNWqWyZE3RCoVQZnmkEhH1NcGKFJHqKsd8HAc83Y:lpVrb1oRzNWqZEeEFUGK5sQ7gS

Score

10^/10

Family

cobaltstrike

http://42.192.53.131:4431/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\c82bc5adcc85cc3bfcddd47107517688626ab845fa2a1e21f780cab8aa4a8f88.exe
"C:\Users\Admin\AppData\Local\Temp\c82bc5adcc85cc3bfcddd47107517688626ab845fa2a1e21f780cab8aa4a8f88.exe"
1⤵
PID:2884

memory/2884-0-0x00000274F5A10000-0x00000274F5A11000-memory.dmp

Filesize
4KB

Download
memory/2884-1-0x00000274F5A20000-0x00000274F5A21000-memory.dmp

Filesize
4KB

Download
memory/2884-2-0x00000274F5A20000-0x00000274F5A21000-memory.dmp

Filesize
4KB

Download