Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
07/11/2024, 08:08
Static task
static1
Behavioral task
behavioral1
Sample
505bfda20610f1cb793f6659355b6d4689742438d476978165faf8ecce6e5512.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
505bfda20610f1cb793f6659355b6d4689742438d476978165faf8ecce6e5512.exe
Resource
win10v2004-20241007-en
General
-
Target
505bfda20610f1cb793f6659355b6d4689742438d476978165faf8ecce6e5512.exe
-
Size
19KB
-
MD5
1c2031b1c69c248c64a426420061a9f1
-
SHA1
2df6eb93ae632bbeb4094ef5b0aaec09f7ec6fd8
-
SHA256
505bfda20610f1cb793f6659355b6d4689742438d476978165faf8ecce6e5512
-
SHA512
98c1268ad6145d009853c2b3638d7d08e2c692215aa87ec3aa6c93c7b12f29c0b11fc4c27bd9da028f48c8399d513bf158735f0e12f4b6444c6899fadef86707
-
SSDEEP
192:ZV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2SkuDF/WF8qa1Dojjgi:7qaCF31cix+Dc4zjxk++FF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.202.129:8088/hHu8
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS125526)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
Cobaltstrike family