cobaltstrike | e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d

Analysis

max time kernel
147s
max time network
148s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
26-09-2024 09:54

Target

e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d.exe
Size

61KB
MD5

b369c2f9c2bd1823fae6b76fe7bcee68
SHA1

2f212404687b603f0e89e800376fd2dea4750589
SHA256

e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d
SHA512

18f13ef243258cf3824141a3fb60e0860dce143c3a198d0974090bddca1a3f97ae199a718d8a16256928c0f269f41c97d0753ed813324186608d7410150e04c0
SSDEEP

768:p9jO2Nosxpg0s+1BNc/wTF8gPD8gRlLtc8MTzZ+8XENAMxDX:LOJ0s+1Lc/wh8gPDFlLm8MHGxz

Score

10^/10

Family

cobaltstrike

http://192.168.233.140:8080/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d.exe
"C:\Users\Admin\AppData\Local\Temp\e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d.exe"
1⤵
PID:2676

memory/2676-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2676-1-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2676-2-0x0000000000400000-0x0000000000412000-memory.dmp

Filesize
72KB

Download