cobaltstrike | 5e6af30d4d80f21569d1f62b094bfbcfa81801fff7228a22b115b320ea6e0943

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
17-09-2024 05:02

Target

5e6af30d4d80f21569d1f62b094bfbcfa81801fff7228a22b115b320ea6e0943.exe
Size

1.6MB
MD5

8b11174fa09726bf9b08c10b4fa3281a
SHA1

c387ec401e03277186f7400baed9523a9ffb573c
SHA256

5e6af30d4d80f21569d1f62b094bfbcfa81801fff7228a22b115b320ea6e0943
SHA512

a7edeecb5d094c51620f3a1c74cc4fd966d468216c3196123022c28106097e250ad6c49f339e16959fecb73b4dfdaa90f759b6e39d8ff28adb2ecf267ec993a9
SSDEEP

24576:2cUbbJ9hPbbXcrnPcrHEPugR8IhBYLC1v2er7ZNsgw6mBSosS2WHh:2cUnJ9hjArWOugRwLC1v2e5e39FV

Score

10^/10

Family

cobaltstrike

http://1.117.70.39:8767/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\5e6af30d4d80f21569d1f62b094bfbcfa81801fff7228a22b115b320ea6e0943.exe
"C:\Users\Admin\AppData\Local\Temp\5e6af30d4d80f21569d1f62b094bfbcfa81801fff7228a22b115b320ea6e0943.exe"
1⤵
PID:2120

memory/2120-0-0x000002AC943E0000-0x000002AC943E1000-memory.dmp

Filesize
4KB

Download