cobaltstrike | 70521464aa326fe80c5f6d4ec506aa1f26e775a49a3644457745212f2ff6d2ad

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 17:07

Target

70521464aa326fe80c5f6d4ec506aa1f26e775a49a3644457745212f2ff6d2ad.exe
Size

19KB
MD5

dc57d622cebbd34b5598be0f86b1dfe3
SHA1

667239eddf07b87efc3c34a54d63d487e2e2b2de
SHA256

70521464aa326fe80c5f6d4ec506aa1f26e775a49a3644457745212f2ff6d2ad
SHA512

e2f020c5443c7211c384f2f49fbe6a747891791630b75e5e17aeab64b43b37ce65375ef8e4cac108d9becf7b09c2c36da90f9be3ab8642b5127b57a010c7fda8
SSDEEP

192:eV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PPNWF8qa1Dojjgi:oqaCF31cix+Dc4zjuPgFF46gi

Score

10^/10

Family

cobaltstrike

http://8.8.8.8:80/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\70521464aa326fe80c5f6d4ec506aa1f26e775a49a3644457745212f2ff6d2ad.exe
"C:\Users\Admin\AppData\Local\Temp\70521464aa326fe80c5f6d4ec506aa1f26e775a49a3644457745212f2ff6d2ad.exe"
1⤵
PID:876

memory/876-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/876-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download