Analysis
-
max time kernel
110s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
10/11/2024, 13:55
Static task
static1
Behavioral task
behavioral1
Sample
da67597fe1be1a10be240b89b373abac02e7900745fddac6992d4f38064cec3fN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
da67597fe1be1a10be240b89b373abac02e7900745fddac6992d4f38064cec3fN.exe
Resource
win10v2004-20241007-en
General
-
Target
da67597fe1be1a10be240b89b373abac02e7900745fddac6992d4f38064cec3fN.exe
-
Size
19KB
-
MD5
f62018a6fa6c5adcffa770abcaefbaf0
-
SHA1
ad6989935ce26e30382565d1c46e9d900d738665
-
SHA256
da67597fe1be1a10be240b89b373abac02e7900745fddac6992d4f38064cec3f
-
SHA512
ecca1fe6f6a42f492876f23affe29c749ab5f9b7acb63d66cac8a09d4556d341a20d4422c5da0b7295fd60bbab6f236983f7d50f55c139dea985ddfdc0b999f5
-
SSDEEP
192:FV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20oCWF8qa1Dojjgi:nqaCF31cix+Dc4zj27FF46gi
Malware Config
Extracted
cobaltstrike
http://123.57.28.144:58080/IxBZ
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; LBBROWSER)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
Cobaltstrike family