cobaltstrike | 24eda84a0f33999237faa9e1db9a6d073ac22e05ed37d678477eccfd34d2a893

Analysis

max time kernel
140s
max time network
139s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
27-09-2024 12:06

Target

24eda84a0f33999237faa9e1db9a6d073ac22e05ed37d678477eccfd34d2a893.exe
Size

19KB
MD5

8e8e90cbebe368f8a28e7f2c0f4d60c6
SHA1

9d5ac0cd882b1c91a01a27270862a2a85657cf5b
SHA256

24eda84a0f33999237faa9e1db9a6d073ac22e05ed37d678477eccfd34d2a893
SHA512

81a115e551a0206248d55ec949b36c0ae5e0fd260dc6301d2665d130e67151de1a0007d69b1bf8bc10fc211a57a003444337617b60ef3e7c79e98651a7c6bfd3
SSDEEP

192:4V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/292v/LlWF8qa1Dojjgi:qqaCF31cix+Dc4zjdv/sFF46gi

Score

10^/10

Family

cobaltstrike

http://47.120.3.3:8044/lRk4

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; BOIE8;ENUS)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\24eda84a0f33999237faa9e1db9a6d073ac22e05ed37d678477eccfd34d2a893.exe
"C:\Users\Admin\AppData\Local\Temp\24eda84a0f33999237faa9e1db9a6d073ac22e05ed37d678477eccfd34d2a893.exe"
1⤵
PID:2672

memory/2672-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2672-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download