cobaltstrike | bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725

Analysis

max time kernel
147s
max time network
149s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
24-09-2024 10:23

Target

bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725.exe
Size

2.3MB
MD5

572b9facaa19213713f743f351dba3f0
SHA1

b74551e6b0f9253cc20c7abd7bc32c7fcf674844
SHA256

bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725
SHA512

e4e216aaf3b0e9efdf19e8d7a79b5d6048e6955fb1e57e50c9b96d1197b1b743475469c0abc6a857102f99a4062b05b3b2ce1f36fd1c8271e547587252a5e036
SSDEEP

49152:ZfQia2KVxvzECEqCVgFhRVAWD1x3eurHx1Ha7pDk8RX:ZfyVzRfuiHx1Ha7pg8

Score

10^/10

Family

cobaltstrike

http://192.168.200.200:443/bootstrap-2.min.js

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725.exe
"C:\Users\Admin\AppData\Local\Temp\bb4a9118301489811d4a73b21f4df592eb31bab912e1c9da70b06143427c4725.exe"
1⤵
PID:2180

memory/2180-0-0x00000000007C0000-0x00000000007C1000-memory.dmp

Filesize
4KB

Download