cobaltstrike | c390c48342103609113ccb39b4be6d3a3cc10d11acb2722d4b5bcfc081b01e60

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/09/2024, 18:04

Target

c390c48342103609113ccb39b4be6d3a3cc10d11acb2722d4b5bcfc081b01e60.exe
Size

509KB
MD5

8b694ec3cf1f64e831ac28e34a10b9ec
SHA1

456f9fad2a85e2feed52ac9495149c7ee28d0d97
SHA256

c390c48342103609113ccb39b4be6d3a3cc10d11acb2722d4b5bcfc081b01e60
SHA512

0110cf867332f612933651d9c0c1b10e629c0861d7878d963be929bfcec2cba82c092dbf00b2c0a9c406fa6943f5a780372d8291bf9df8980b1194671b98fbf9
SSDEEP

6144:XKyyGnrsgMTFJoQlY+QghgD8WmTVGHqovYFf1omA:zVrshjoQC+JhxWmJHovYFf1omA

Score

10^/10

Family

cobaltstrike

http://111.229.187.190:8443/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Host: sts.tencentopenapi.xyz Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\c390c48342103609113ccb39b4be6d3a3cc10d11acb2722d4b5bcfc081b01e60.exe
"C:\Users\Admin\AppData\Local\Temp\c390c48342103609113ccb39b4be6d3a3cc10d11acb2722d4b5bcfc081b01e60.exe"
1⤵
PID:2660

memory/2660-0-0x0000022115B40000-0x0000022115B41000-memory.dmp

Filesize
4KB

Download
memory/2660-2-0x00007FF7CFD40000-0x00007FF7CFDB8000-memory.dmp

Filesize
480KB

Download