Overview

overview

10

Static

static

3

2c1decbcc8...e5.exe

windows7-x64

1

2c1decbcc8...e5.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-11-2024 12:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5.exe

  • Size

    1.7MB

  • MD5

    54965e6b0aa541f0c2a9751d213ec22e

  • SHA1

    60654d40422a11e4d5108acf374719ed4e843ff0

  • SHA256

    2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5

  • SHA512

    4f35b38018aa8bf0648fbc34e3a84934cea01f15b9a4fdacfd86662d5a932101a5666ff2f08788169891617708aca2e80ccbfa8cf7a6bf208d135e85ee75613d

  • SSDEEP

    24576:tdqOwfddJskiJTODfL44xBwJb0t3FS6NvnfnhQX79u66LUn0:tdbwfddxBRt1S6dnfM9e

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.0.0.123:800/4add

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5.exe
    "C:\Users\Admin\AppData\Local\Temp\2c1decbcc86fc44c794500506167b843632bd5f4810edff4521f1a424d93e0e5.exe"
    1⤵
      PID:852

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/852-0-0x000001EA1FA10000-0x000001EA1FA11000-memory.dmp

      Filesize

      4KB

      Download