cobaltstrike | 7f8e7c24a4009451d2b9ab73bc977289fa82195f29439cc7ffcb7d7699cae83c

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
16-09-2024 14:03

Target

7f8e7c24a4009451d2b9ab73bc977289fa82195f29439cc7ffcb7d7699cae83c.exe
Size

1.4MB
MD5

ad0ce1a7292fec03493fe85333fc9204
SHA1

557f57e80ed849776338f5b64bb303401dfd65e0
SHA256

7f8e7c24a4009451d2b9ab73bc977289fa82195f29439cc7ffcb7d7699cae83c
SHA512

c947cb2f8f20624dbc9d47700bc737a74ca59bf4208c2491d2260262b6616dba8497b8c7c06a96336658db0b4da7bb0b69e70dbedae82fde27828d1d7fb254ad
SSDEEP

24576:/O2NiXx8923qkkNlUxZKeOA0PtPy6rNb/u2cahx:m8iXW9QtZIRRhNb5dh

Score

10^/10

Family

cobaltstrike

http://49.235.118.195:8441/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\7f8e7c24a4009451d2b9ab73bc977289fa82195f29439cc7ffcb7d7699cae83c.exe
"C:\Users\Admin\AppData\Local\Temp\7f8e7c24a4009451d2b9ab73bc977289fa82195f29439cc7ffcb7d7699cae83c.exe"
1⤵
PID:1572

memory/1572-0-0x000001BB74230000-0x000001BB74231000-memory.dmp

Filesize
4KB

Download