cobaltstrike | 4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2024 20:39

Target

4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67.exe
Size

110KB
MD5

4a2266d90102322826d32a0dc7d5edbd
SHA1

9c00d0495721206542663ac4a7c45a8cd12ef457
SHA256

4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67
SHA512

c12090be3a8269b9a9d240ad643fdaf253422c33b0bc60f4454150bbb3feee41dfc48f74b28bc847abeba3d6e088b4912cc8c540f20c03e7fe25c0e999114fc4
SSDEEP

3072:EB1nFpIMGJbzgTUeIcYSlxp13SlbUYjdv:6FFp7GJzlcYS7Sj

Score

10^/10

Family

cobaltstrike

http://172.26.218.210:11111/YAkX

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67.exe
"C:\Users\Admin\AppData\Local\Temp\4caeca58b238f4af41ff689c4f08ca74f89b27dcd754454dab7ab5175ce90d67.exe"
1⤵
PID:2324

memory/2324-0-0x000001EC49500000-0x000001EC49501000-memory.dmp

Filesize
4KB

Download
memory/2324-1-0x000001EC49500000-0x000001EC49501000-memory.dmp

Filesize
4KB

Download