Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    21/12/2024, 01:46

General

  • Target

    2024-12-21_b63a83a92c6ab46e654ccdf09f49ebd2_cobalt-strike_cobaltstrike_poet-rat.exe

  • Size

    5.9MB

  • MD5

    b63a83a92c6ab46e654ccdf09f49ebd2

  • SHA1

    90e34e786460f4123b057c32082248a4881af4f4

  • SHA256

    534fb11dd59745078f7207750da9ed9f5f8e659bb8b56552bf03a15624c3737d

  • SHA512

    4d103a04f821bd5e738b5dc6ee68846c6353d21e9a02725999dc27273330a6d69f7242580ddeac84d4ca2d742b0fe2141a256a9a35cec008c4ce761acec0b071

  • SSDEEP

    98304:demTLkNdfE0pZ3u56utgpPFotBER/mQ32lUk:E+b56utgpPF8u/7k

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-12-21_b63a83a92c6ab46e654ccdf09f49ebd2_cobalt-strike_cobaltstrike_poet-rat.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-12-21_b63a83a92c6ab46e654ccdf09f49ebd2_cobalt-strike_cobaltstrike_poet-rat.exe"
    1⤵
      PID:4896

    Network

          MITRE ATT&CK Matrix

          Downloads

          • memory/4896-0-0x00007FF77CEB0000-0x00007FF77D204000-memory.dmp

            Filesize

            3.3MB

          • memory/4896-1-0x00007FF77CEB0000-0x00007FF77D204000-memory.dmp

            Filesize

            3.3MB