cobaltstrike | 7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa

Analysis

max time kernel
132s
max time network
140s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
28-09-2024 17:09

Target

7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa.exe
Size

1.4MB
MD5

fd58dee22ccf5e6d94c81809ed25235b
SHA1

2e1fc71c9e9bdfe199e03216a6fae9ad48eb54d6
SHA256

7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa
SHA512

cd867c96f1d66c3ef0a8974c3d97791f95a824dccd7941dbb48f5d5b2c569e8b41784a8ddd7e9a3d6386d9cd02a722b951df84294ce77328c43b46cb95707d4e
SSDEEP

24576:u6bgu2iE/QB1ATGiq/IuPRwZZGPb/YF/MNXRJZg8wQ7mYL:3guu//Hu4GPbQJMbJZC

Score

10^/10

Family

cobaltstrike

http://47.109.26.55:8005/mVGS

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATP; MATP)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa.exe
"C:\Users\Admin\AppData\Local\Temp\7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa.exe"
1⤵
PID:2124

memory/2124-0-0x0000000047E20000-0x0000000047E21000-memory.dmp

Filesize
4KB

Download