Overview

overview

10

Static

static

3

2a884ea7ed...57.exe

windows7-x64

10

2a884ea7ed...57.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2024 07:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57.exe

  • Size

    19KB

  • MD5

    45b5cb8971f298961ebd76dd38e7124e

  • SHA1

    1bfe7c3dfbae1b5e219f379d654c5ff190ebad00

  • SHA256

    2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57

  • SHA512

    6487c5daece5dbf1a5baefc2569c1d6c1891217f4ae98770dae46fcc33c341e26765233d935626903e491b2fd7923799cbed873ef780b409c58a1b0263ed75f8

  • SSDEEP

    192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2xWv2a8WF8qa1Dojjgi:EqaCF31cix+Dc4zj8W5FF46gi

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.199.75:8889/TlMP

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57.exe
    "C:\Users\Admin\AppData\Local\Temp\2a884ea7ed4795ee2c45c96c78076624c96ad56c2750220b22f3dbd7c90e7b57.exe"
    1⤵
      PID:3460

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3460-0-0x0000000000020000-0x0000000000021000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3460-1-0x0000000000400000-0x000000000040C000-memory.dmp

      Filesize

      48KB

      Download