cobaltstrike | 5625ea11d8f6636a4bb80f05ef1114f378dc0ada4f5a9bee63dfdba2f0d763b5

Analysis

max time kernel
147s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 08:16

Target

5625ea11d8f6636a4bb80f05ef1114f378dc0ada4f5a9bee63dfdba2f0d763b5.exe
Size

1.1MB
MD5

a71b37161a2e4741502427125131b5e9
SHA1

072ee8347225ef3fc81661244f42884d4705581f
SHA256

5625ea11d8f6636a4bb80f05ef1114f378dc0ada4f5a9bee63dfdba2f0d763b5
SHA512

4a37d3843cd13289a9a068716a7af1ed5d2644f1b3868c569305c74d8ad22420cb83c77e90c3776084f406597458c7200e693733db138559a5f752e4a0462ef9
SSDEEP

12288:6FV7bVeHoFBL5hJjqT38UW5HJ/4+2V0T+ES+o3xj+bH5myRCd/UE5:6v3bjLz9x1U+j5NRd

Score

10^/10

Family

cobaltstrike

http://39.104.52.122:8992/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\5625ea11d8f6636a4bb80f05ef1114f378dc0ada4f5a9bee63dfdba2f0d763b5.exe
"C:\Users\Admin\AppData\Local\Temp\5625ea11d8f6636a4bb80f05ef1114f378dc0ada4f5a9bee63dfdba2f0d763b5.exe"
1⤵
PID:3828

memory/3828-0-0x000001996F280000-0x000001996F281000-memory.dmp

Filesize
4KB

Download
memory/3828-1-0x000001996F280000-0x000001996F281000-memory.dmp

Filesize
4KB

Download