Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
22/09/2024, 13:52
General
-
Target
2024-09-22_f49f84cc2cf67d8e9c41196668bf3883_cobalt-strike_cobaltstrike_poet-rat.exe
-
Size
6.0MB
-
MD5
f49f84cc2cf67d8e9c41196668bf3883
-
SHA1
470190e2a95420236d7f5df7169cf22fe8459f54
-
SHA256
bca56ef4a7c0d9bae8411e51724d8b67345242bc9f27a8b2bc631da7a5a49f3c
-
SHA512
655790aa82838cc62fb327bcbd4f4fd7c9eac755626e37d0530d500fbd98c28b905157053212add1e028efb7f5de9e259a3a176a53ab6dcfc710133d78ce4ae4
-
SSDEEP
98304:MLCNtIimedfE0pZXJ56utgpPFotBER/mQ32lUE:aEIiH56utgpPF8u/7E
Score
10/10
Malware Config
Signatures
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload 1 IoCs
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-09-22_f49f84cc2cf67d8e9c41196668bf3883_cobalt-strike_cobaltstrike_poet-rat.exe"C:\Users\Admin\AppData\Local\Temp\2024-09-22_f49f84cc2cf67d8e9c41196668bf3883_cobalt-strike_cobaltstrike_poet-rat.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3.3MB