cobaltstrike | 33453f13379756cb8989b4f4ab24a34516a6d541a3c7881cbafef1f2e592aa94

Analysis

max time kernel
140s
max time network
139s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
26-09-2024 09:52

Target

33453f13379756cb8989b4f4ab24a34516a6d541a3c7881cbafef1f2e592aa94.exe
Size

19KB
MD5

35ad6d4ef6da0003b4b91090c7c08a20
SHA1

2144995f3cd06c5e7f314c8c2d0c0815b2669528
SHA256

33453f13379756cb8989b4f4ab24a34516a6d541a3c7881cbafef1f2e592aa94
SHA512

79994b40229e2dc5a328282cb7a0a2a2257b0f55af62902226e0a7a3f1cb2df556f5f423f457d5c503e8d3a7474a095e4140158ac4b261660a2810f9cf6f5b57
SSDEEP

192:sV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/27yjFWF8qa1Dojjgi:OqaCF31cix+Dc4zjwFFF46gi

Score

10^/10

Family

cobaltstrike

http://172.16.10.17:80/VWLd

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\33453f13379756cb8989b4f4ab24a34516a6d541a3c7881cbafef1f2e592aa94.exe
"C:\Users\Admin\AppData\Local\Temp\33453f13379756cb8989b4f4ab24a34516a6d541a3c7881cbafef1f2e592aa94.exe"
1⤵
PID:2548

memory/2548-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2548-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download