cobaltstrike | 7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa

Analysis

max time kernel
148s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
28-09-2024 17:09

Target

7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa.exe
Size

1.4MB
MD5

fd58dee22ccf5e6d94c81809ed25235b
SHA1

2e1fc71c9e9bdfe199e03216a6fae9ad48eb54d6
SHA256

7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa
SHA512

cd867c96f1d66c3ef0a8974c3d97791f95a824dccd7941dbb48f5d5b2c569e8b41784a8ddd7e9a3d6386d9cd02a722b951df84294ce77328c43b46cb95707d4e
SSDEEP

24576:u6bgu2iE/QB1ATGiq/IuPRwZZGPb/YF/MNXRJZg8wQ7mYL:3guu//Hu4GPbQJMbJZC

Score

10^/10

Family

cobaltstrike

http://47.109.26.55:8005/mVGS

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATP; MATP)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa.exe
"C:\Users\Admin\AppData\Local\Temp\7ab2b480591e90c51667f5b415cd57c1e81bbfbbd83427db8ea99d474fe601fa.exe"
1⤵
PID:4768

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4396,i,7447299413640964517,4240724842020506306,262144 --variations-seed-version --mojo-platform-channel-handle=1288 /prefetch:8
1⤵
PID:5012

memory/4768-0-0x0000011F4D6B0000-0x0000011F4D6B1000-memory.dmp

Filesize
4KB

Download