cobaltstrike | e397211488ffb1dd721298864f54abbebfdb2290b8a5b4a82c79e30c88984861

Analysis

max time kernel
141s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
27-09-2024 02:19

Target

e397211488ffb1dd721298864f54abbebfdb2290b8a5b4a82c79e30c88984861.exe
Size

79KB
MD5

83b576f724b42050904e48f41e52474e
SHA1

21ee0baa6d5382b6c3451dfefef383458913af0a
SHA256

e397211488ffb1dd721298864f54abbebfdb2290b8a5b4a82c79e30c88984861
SHA512

26e5171e677187364dbd3d187d13324dad66900d2b5b57d25911cf9a3c140881404c5d78c6b81ce8cc64ae869be1b528eb926cc3dca3887e264cbff496737401
SSDEEP

768:ZhY/UIcGYcR3papbZBYRxSqV+i3Uy3A0Cxvtg33a/40nemB4Yg8Z5h1ij2B14r:v0Rcc3sbZBYRoqMi3FCKsemBkt2Bc

Score

10^/10

Family

cobaltstrike

http://42.192.53.131:4431/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\e397211488ffb1dd721298864f54abbebfdb2290b8a5b4a82c79e30c88984861.exe
"C:\Users\Admin\AppData\Local\Temp\e397211488ffb1dd721298864f54abbebfdb2290b8a5b4a82c79e30c88984861.exe"
1⤵
PID:1616

memory/1616-1-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1616-0-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download