Analysis
-
max time kernel
140s -
max time network
140s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
10/11/2024, 13:51
Static task
static1
Behavioral task
behavioral1
Sample
b8c727cf517e07d26bedfbd91451961aec0f3a5899c459e3f912082d82f5a47a.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
b8c727cf517e07d26bedfbd91451961aec0f3a5899c459e3f912082d82f5a47a.exe
Resource
win10v2004-20241007-en
General
-
Target
b8c727cf517e07d26bedfbd91451961aec0f3a5899c459e3f912082d82f5a47a.exe
-
Size
19KB
-
MD5
b27e56d4db7b8f14da50f1de716f2958
-
SHA1
fd220850e3658b0ac4216511ec449fa5196d804c
-
SHA256
b8c727cf517e07d26bedfbd91451961aec0f3a5899c459e3f912082d82f5a47a
-
SHA512
1553376d98d1b532068c91f5ed2a503f9fef5994fbc0e3ecbaf774438b62f4c9800044b7f69f60a9de799d5428f98cbf58afde7da138d6fc060bcd4eb1a3d45c
-
SSDEEP
192:SV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2LPBWF8qa1Dojjgi:cqaCF31cix+Dc4zjoP8FF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.47.130:80/Es3r
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MALC)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
Cobaltstrike family