cobaltstrike | 3b43baca3b97145dc1760df32dcdb3dee83984e4e89f9faffd09b3eecb29aff8

Analysis

max time kernel
93s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
15-09-2024 13:54

Target

3b43baca3b97145dc1760df32dcdb3dee83984e4e89f9faffd09b3eecb29aff8.exe
Size

61KB
MD5

e27906e098a130e0b6795dcb3d11c6a6
SHA1

f45d2c0122b53794cddfe5b310b368c6104efc6c
SHA256

3b43baca3b97145dc1760df32dcdb3dee83984e4e89f9faffd09b3eecb29aff8
SHA512

56cd0ed3f3f6ba73e36f8820d6d75677bf7f4fb51c565776966ce295c5ae89c960030ab5583da9477000b87d53fbf10552126a06230fb8f3af39ae9527af6bba
SSDEEP

384:I/n3GaXSP9iJC8lCeTqVayMlim3gI0kuVdRBfnHPRXHxET8BQfBW1/rISrA89Xu:I/31X0kyMAostvR3xETTBGA89

Score

10^/10

Family

cobaltstrike

http://192.168.247.130:80/4Czl

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; FunWebProducts; IE0006_ver1;EN_GB)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\3b43baca3b97145dc1760df32dcdb3dee83984e4e89f9faffd09b3eecb29aff8.exe
"C:\Users\Admin\AppData\Local\Temp\3b43baca3b97145dc1760df32dcdb3dee83984e4e89f9faffd09b3eecb29aff8.exe"
1⤵
PID:2488

memory/2488-0-0x00007FF6083C0000-0x00007FF6083E7000-memory.dmp

Filesize
156KB

Download
memory/2488-1-0x00007FF6083C0000-0x00007FF6083E7000-memory.dmp

Filesize
156KB

Download