cobaltstrike | 07c68acf75eeb035f42ae3630f4039d6ecac90d78ae4c8a009f2459ec8d153c1

Analysis

max time kernel
141s
max time network
140s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
25-09-2024 10:19

Target

07c68acf75eeb035f42ae3630f4039d6ecac90d78ae4c8a009f2459ec8d153c1.exe
Size

19KB
MD5

5bedf97a725f969a4056301ef1acd907
SHA1

6d4909e4030cdde9417910dced6156654e77344c
SHA256

07c68acf75eeb035f42ae3630f4039d6ecac90d78ae4c8a009f2459ec8d153c1
SHA512

a777ee5db4ec923f71132dd2092fb7b207214ebf4c44850f343db37fcef6ae8a1bd2f5af785707e8cda7543e19ddad85473fa1ff92b1ab783fc304d914e3b346
SSDEEP

192:kV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ObqWF8qa1Dojjgi:WqaCF31cix+Dc4zj3FF46gi

Score

10^/10

Family

cobaltstrike

http://116.63.204.246:4455/oVKM

Attributes

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\07c68acf75eeb035f42ae3630f4039d6ecac90d78ae4c8a009f2459ec8d153c1.exe
"C:\Users\Admin\AppData\Local\Temp\07c68acf75eeb035f42ae3630f4039d6ecac90d78ae4c8a009f2459ec8d153c1.exe"
1⤵
PID:1960

memory/1960-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1960-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download