Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-09-2024 14:05

General

  • Target

    d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1.exe

  • Size

    574KB

  • MD5

    0b0c3d96051a518ff1485971b7044d77

  • SHA1

    bf238e6e28f24cdf5ac4c58c1a964a076b49edb7

  • SHA256

    d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1

  • SHA512

    e00135287649e63dc8c235c3bc1843e4a63badfc7451eb6262cffcbe6d8f1dd06841027cd87b759140d501bab35934bb5a806974a642b307be557d0916465aca

  • SSDEEP

    3072:A16qj8W8QllCg1BsGGLtT38+arPuRoWsKTVmBSdo7wR9W2BhQzLW:lVW8ylHAKJr2YKTtW8U2eO

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.3.30:80/qGr3

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; ASU2JS)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1.exe
    "C:\Users\Admin\AppData\Local\Temp\d71eee6bf2a5339915dc0affd8b8d743ed12b3f7ac2920c3b988cb2fa9714aa1.exe"
    PID: 948

Network

MITRE ATT&CK Matrix


Downloads

  • memory/948-0-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB

  • memory/948-1-0x0000000000400000-0x0000000000497000-memory.dmp

    Filesize

    604KB