cobaltstrike | e753feac044dbcc6800c6201857a090d9cfbf74fb46300f6613fb6ba12ef8f86

Analysis

max time kernel
149s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
18-09-2024 08:21

Target

e753feac044dbcc6800c6201857a090d9cfbf74fb46300f6613fb6ba12ef8f86.exe
Size

1.7MB
MD5

7c04baaffad7df02fbbd2ab967b02f76
SHA1

28b9feb5c03ed832ebbf203b8940c4062ed65b77
SHA256

e753feac044dbcc6800c6201857a090d9cfbf74fb46300f6613fb6ba12ef8f86
SHA512

3f71b66abab3330635eda6dade4ea96b721b0074431b22356c4bcab98570586613fc60935af33f910b7da3bee5103059d1ea8cef2dcba1b9a7404439f022bc03
SSDEEP

24576:qmLHEcMNSq0zvGfcfxD0rrWgOcLaBfpHu8Iba89MmDhARKIk4nucD:qGhoMxDMtn2Bfp0+mdARKIko

Score

10^/10

Family

cobaltstrike

http://192.168.137.130:8888/BfLi

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; ASU2JS)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\e753feac044dbcc6800c6201857a090d9cfbf74fb46300f6613fb6ba12ef8f86.exe
"C:\Users\Admin\AppData\Local\Temp\e753feac044dbcc6800c6201857a090d9cfbf74fb46300f6613fb6ba12ef8f86.exe"
1⤵
PID:2484

memory/2484-0-0x0000029B6F6E0000-0x0000029B6F6E1000-memory.dmp

Filesize
4KB

Download