Analysis
-
max time kernel
141s -
max time network
140s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
22-11-2024 07:18
Static task
static1
Behavioral task
behavioral1
Sample
611ac8382c830f7ba12b3e61d8dacced335015f69f27376955bd7b4b5b5255f0.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
611ac8382c830f7ba12b3e61d8dacced335015f69f27376955bd7b4b5b5255f0.exe
Resource
win10v2004-20241007-en
General
-
Target
611ac8382c830f7ba12b3e61d8dacced335015f69f27376955bd7b4b5b5255f0.exe
-
Size
19KB
-
MD5
3db36980c264a683dc5b569c18d9383b
-
SHA1
434c24a85ac89d0377dce01ca390d8216d546417
-
SHA256
611ac8382c830f7ba12b3e61d8dacced335015f69f27376955bd7b4b5b5255f0
-
SHA512
2774ee5a4740d5ffa18806343862671f353d9cf1b2380ea9d5ae553535749f0e72d7b33884bf3b9589f9702c76d3347ec0de6cb0bd8426a98c9d578b8d67d149
-
SSDEEP
192:oV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2X52GiWWF8qa1Dojjgi:aqaCF31cix+Dc4zjC2hnFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.88.129:6666/fr1T
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
Cobaltstrike family