cobaltstrike | 9496733fd928f88431c1e6b60c46826ec6c883e1f1562facc9b026d681474f75

Analysis

max time kernel
149s
max time network
153s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
18-09-2024 10:37

Target

9496733fd928f88431c1e6b60c46826ec6c883e1f1562facc9b026d681474f75.exe
Size

19KB
MD5

f4e334be324ccca91f9e7c57f66d8f71
SHA1

34302594386182dae88a715bfab71f5a91452d4b
SHA256

9496733fd928f88431c1e6b60c46826ec6c883e1f1562facc9b026d681474f75
SHA512

cc87ad58ea33a03e68bef3c49cee35988c6dbe736083b851d80f89a4dcbd160262b182e8b2b42f8daa31878f98191fec32e731bb12ccb930f88b4918a941196f
SSDEEP

192:mV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2tEmWF8qa1Dojjgi:AqaCF31cix+Dc4zj9XFF46gi

Score

10^/10

Family

cobaltstrike

http://121.40.233.192:443/MvRH

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATM)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\9496733fd928f88431c1e6b60c46826ec6c883e1f1562facc9b026d681474f75.exe
"C:\Users\Admin\AppData\Local\Temp\9496733fd928f88431c1e6b60c46826ec6c883e1f1562facc9b026d681474f75.exe"
1⤵
PID:1972

memory/1972-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1972-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download