cobaltstrike | 9ba8bd7e9125d20b7c00d1ea25bbc932f6347146d30417a75c68e98365ca7c4a

Analysis

max time kernel
147s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
18-09-2024 04:25

Target

9ba8bd7e9125d20b7c00d1ea25bbc932f6347146d30417a75c68e98365ca7c4a.exe
Size

1.5MB
MD5

ded1a2615fc6185bebc3ba6865ea7e3d
SHA1

06a7dce47a1a86fee25b9aad632dc4d41c982334
SHA256

9ba8bd7e9125d20b7c00d1ea25bbc932f6347146d30417a75c68e98365ca7c4a
SHA512

4e6574284a9bdadd5efa5b0625a06c0e265d346987822e872b27eac5133ba3bbbfbd0933b442d1e201d87aaffb47abc6fdbc20f18adbd5f93a24949320fd2e80
SSDEEP

24576:ZG5LeAqWh6eoGXn88NSrNpdp+DfymWw9cs:ZG55qWEre8bDw9

Score

10^/10

Family

cobaltstrike

http://192.168.211.143:80/iJFd

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\9ba8bd7e9125d20b7c00d1ea25bbc932f6347146d30417a75c68e98365ca7c4a.exe
"C:\Users\Admin\AppData\Local\Temp\9ba8bd7e9125d20b7c00d1ea25bbc932f6347146d30417a75c68e98365ca7c4a.exe"
1⤵
PID:2924

memory/2924-0-0x000002877EDF0000-0x000002877EDF1000-memory.dmp

Filesize
4KB

Download