cobaltstrike | 33d32caa2346f5bde47ad746065a3bd7ee53e40740c5801207eac99edb3138e1

Analysis

max time kernel
105s
max time network
18s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-09-2024 07:15

Target

33d32caa2346f5bde47ad746065a3bd7ee53e40740c5801207eac99edb3138e1.exe
Size

61KB
MD5

4c668d7410470f631f778b5b2fdeeeb5
SHA1

09738f7dd7b6b593b756b45ac96fffa20f0d79f9
SHA256

33d32caa2346f5bde47ad746065a3bd7ee53e40740c5801207eac99edb3138e1
SHA512

f431d079430646f9b11dad64fc7ed60467bf26a0428ca20950da862016e05450d005494f06df1d6dc5663cc63f16682834f660881363b2f29addc060f32efaa6
SSDEEP

384:VK6aSVEeTYAy1bIfxU1ZIeU2CJS/Pjw3OtThVgUq7YPFHwQfBXvcUJ8P89Z7L:VpD2AyQG44PJhHhBf8P89

Score

10^/10

Family

cobaltstrike

http://192.168.128.129:8888/eY9f

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MALCJS)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\33d32caa2346f5bde47ad746065a3bd7ee53e40740c5801207eac99edb3138e1.exe
"C:\Users\Admin\AppData\Local\Temp\33d32caa2346f5bde47ad746065a3bd7ee53e40740c5801207eac99edb3138e1.exe"
1⤵
PID:1620

memory/1620-0-0x000000013F100000-0x000000013F125000-memory.dmp

Filesize
148KB

Download