cobaltstrike | ee014b3f73ef1e64af32f01d881b2bb51cf447ecf9158c1bb2c473b14f5134d8

Analysis

max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
15-09-2024 09:05

Target

e223aeb6685032017a3feb55fc8a4446_JaffaCakes118.exe
Size

19KB
MD5

e223aeb6685032017a3feb55fc8a4446
SHA1

5c974b2f6723447ebe0240e0eb601ad4e4948b4e
SHA256

ee014b3f73ef1e64af32f01d881b2bb51cf447ecf9158c1bb2c473b14f5134d8
SHA512

fc02a9fd3db27f3f69913fe9d6098261b435986f8b21b0b6c7fae7d75b5e948c871c280020fe1bb74e46acba093cf95f964454cdffc8ed00d02992125ae28197
SSDEEP

192:LbPLhIofWpw2mobwieDzPIPsXgbGQGfMZAq/V5nnnRZ1eZAqKtljvTNKShh2x48:LD6ofWCTNc5bGQGBMAZ1gfDj8

Score

10^/10

Family

cobaltstrike

http://ctteducation.com:443/3bxP

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP09; NP09; MAAU)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\e223aeb6685032017a3feb55fc8a4446_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\e223aeb6685032017a3feb55fc8a4446_JaffaCakes118.exe"
1⤵
PID:2960

memory/2960-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2960-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download