cobaltstrike | 6b93199aa5cf66dcd4b0b7bc856a7db937d5a26ba95624527e5832239fc88739

Analysis

max time kernel
132s
max time network
140s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
27-09-2024 05:04

Target

6b93199aa5cf66dcd4b0b7bc856a7db937d5a26ba95624527e5832239fc88739.exe
Size

11KB
MD5

4ec055bed48225b522c5b18127f3b9d3
SHA1

cc97871356ee21a5f3cd2d378c58067cca0cb84b
SHA256

6b93199aa5cf66dcd4b0b7bc856a7db937d5a26ba95624527e5832239fc88739
SHA512

397342b31dc3280b7162a6393b78ae3bd3edcbf9baabbc41a7ed3803043411fde862315f82ec54d975fd15207e46a49e8256f076b6d53709471e3cf07e3ed41b
SSDEEP

192:IBmJEmM+Z4VnbeCvDzUEB1qXeFL3Q5tfMc18GqrY:0GRM049R71Qex32qrY

Score

10^/10

Family

cobaltstrike

http://192.168.80.128:1111/abFT

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\6b93199aa5cf66dcd4b0b7bc856a7db937d5a26ba95624527e5832239fc88739.exe
"C:\Users\Admin\AppData\Local\Temp\6b93199aa5cf66dcd4b0b7bc856a7db937d5a26ba95624527e5832239fc88739.exe"
1⤵
PID:2384

memory/2384-0-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download