cobaltstrike | f03d78383092d01e9c9e397aa6869a6e124ce8a3f53d48c6f4190bd1a22fb0ac

Analysis

max time kernel
131s
max time network
138s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21-09-2024 10:29

Target

f03d78383092d01e9c9e397aa6869a6e124ce8a3f53d48c6f4190bd1a22fb0ac.exe
Size

205KB
MD5

3ec38a8ad2bfb32aab3cfd7b031ea6e9
SHA1

04210effbffb6bd9831852ec686333b21719dcc4
SHA256

f03d78383092d01e9c9e397aa6869a6e124ce8a3f53d48c6f4190bd1a22fb0ac
SHA512

d3b587e62d762aa751a2b1b9044604c79aad7256d68e1cfe8f2c48c0ed40ea72e21da5d49e198cd217340bd9e70fa5d10ddd2218fe41aa86d51c2e305d8e77e9
SSDEEP

3072:i64ROzWrhaH6b4s7m9FugFeomJj7qf4A4CLlA05RjsmJ1s7hEAY:ykab4s7m9F7coMT6MhG

Score

10^/10

Family

cobaltstrike

http://211.101.245.50:20080/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\f03d78383092d01e9c9e397aa6869a6e124ce8a3f53d48c6f4190bd1a22fb0ac.exe
"C:\Users\Admin\AppData\Local\Temp\f03d78383092d01e9c9e397aa6869a6e124ce8a3f53d48c6f4190bd1a22fb0ac.exe"
1⤵
PID:628

memory/628-0-0x000000013F650000-0x000000013F689000-memory.dmp

Filesize
228KB

Download