Analysis
max time kernel
149s
max time network
150s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
21-11-2024 06:51
Static task
static1
Behavioral task
behavioral1
Sample
3eec93a8dd91250e493a3cd592761e932455063454b73cc97c5d265ef9422e8c.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3eec93a8dd91250e493a3cd592761e932455063454b73cc97c5d265ef9422e8c.exe
Resource
win10v2004-20241007-en
General
Target
3eec93a8dd91250e493a3cd592761e932455063454b73cc97c5d265ef9422e8c.exe
Size
19KB
MD5
5c6aa3210371b8e09b3a897c9d0317dd
SHA1
a05d7f91687a4f5b63c00d0b301bc1157c704111
SHA256
3eec93a8dd91250e493a3cd592761e932455063454b73cc97c5d265ef9422e8c
SHA512
dcd1c3bdca74c800314b7efa3c5cf328cb2c8359ad85dc0f550fec19b3d58207b57aa028eca4a0c814823fd1198fe80eb4c0658e9d96d53d2f8643ef3803e222
SSDEEP
192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2wSAa3WF8qa1Dojjgi:UqaCF31cix+Dc4zjkvGFF46gi
Malware Config
Extracted
cobaltstrike
http://47.121.31.202:8888/M6ya
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.4; InfoPath.2)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Cobaltstrike family