Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
18-09-2024 08:21
General
-
Target
5ea3f7d3782aa4214a5ba6e4759294eae75d48c30236466a1417feedf5c2bc63.exe
-
Size
1.0MB
-
MD5
a0e4e32e9930d728e51fddb663a0b9ef
-
SHA1
d90b676269a3ee3f41da542099ba9a0a4c77056c
-
SHA256
5ea3f7d3782aa4214a5ba6e4759294eae75d48c30236466a1417feedf5c2bc63
-
SHA512
435b2c254cf59c57ccdf5bc94ea3b739583e9415a3fe0c92038915acf584011dc635272ffa51c8d2f31c49b6e2dca802425880ceed8a7189501883215c498b5d
-
SSDEEP
24576:uxjwhd9rijrNCLtaSb89qYl9F8zeG/1SrgFDyvbM753e4mJLVE51f:ux4GZCLtaSI4eAbNS+yvba53tOLVcN
Malware Config
Extracted
cobaltstrike
http://192.168.137.130:8888/v95y
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MAARJS)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
UPX packed file 4 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Processes
-
C:\Users\Admin\AppData\Local\Temp\5ea3f7d3782aa4214a5ba6e4759294eae75d48c30236466a1417feedf5c2bc63.exe"C:\Users\Admin\AppData\Local\Temp\5ea3f7d3782aa4214a5ba6e4759294eae75d48c30236466a1417feedf5c2bc63.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.0MB
-
Filesize
4KB
-
Filesize
2.0MB
-
Filesize
2.0MB
-
Filesize
2.0MB