Overview

overview

10

Static

static

10

2025-03-09...at.exe

windows7-x64

1

2025-03-09...at.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    09/03/2025, 20:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2025-03-09_124f3fa6f41d84cbcc952b5c3e12ed3a_cobalt-strike_hammertoss_hijackloader_krakenkeylogger_megazord_poet-rat.exe

  • Size

    79.3MB

  • MD5

    124f3fa6f41d84cbcc952b5c3e12ed3a

  • SHA1

    9630394b99dc05faf1d9e1ddafca676958fb8eb4

  • SHA256

    5e646d8c38c533bb4181066044ff543a1e82ea19151adbc9101e6087537aa859

  • SHA512

    d3397a05f4f8d9fefb0114010f8700e7d5f46d5e6e002277944ca843d4eb03ff37e72d19d26b2ff1e02dbcbdf5a4e67664cfd6173917529295e587ff73b12083

  • SSDEEP

    786432:0kghWEk49Otsbyx1DOUNoER7gfxv9cghdYzXoJAO:tgAEk49QsmPf2f19cghdYzXSAO

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\2025-03-09_124f3fa6f41d84cbcc952b5c3e12ed3a_cobalt-strike_hammertoss_hijackloader_krakenkeylogger_megazord_poet-rat.exe
    "C:\Users\Admin\AppData\Local\Temp\2025-03-09_124f3fa6f41d84cbcc952b5c3e12ed3a_cobalt-strike_hammertoss_hijackloader_krakenkeylogger_megazord_poet-rat.exe"
    1⤵
      PID:2804

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\SQLite.Interop.dll
      Filesize

      1.9MB

      MD5

      4930777866b1fdaed2ab80b0fb8793b6

      SHA1

      e2686b9ac7c3867c644902805142f1f42bae7645

      SHA256

      1111916dc329a13bd627b2cd90c9b2263de9923fd0bb6059c69c52332f360c37

      SHA512

      d294e9d638fb6d579fdfd69a9f098b2d8087fc6c1c240496cc99804980284352299b52b9a2d6b1d1289ffdc5f5ecf364e67eb32e7b4a9a8ddf20c723f9fa28d5

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\sni.dll
      Filesize

      156KB

      MD5

      7f1799b65b98450a19e4d049e9d3e70d

      SHA1

      ec80c5a33374423a9e986c383a36a97da70a3584

      SHA256

      68705c4ef9ab818f2956a78e05f3fefce501a1448793b073b46110beb49b47d6

      SHA512

      8d67297c5cded487c88fcaad5a36e80926dad8f1863e38f397751056f51258ac7b5a9e5c09c01bba7a224f38fb2ee719586faf0ba81516e05a19649eb09e7b78

      Download Submit

    • memory/2804-1-0x0000000003500000-0x0000000004190000-memory.dmp

      Filesize

      12.6MB

      Download

    • memory/2804-26-0x000000013FB9D000-0x000000013FB9E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2804-22-0x0000000002680000-0x00000000026A0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/2804-18-0x0000000002630000-0x0000000002660000-memory.dmp

      Filesize

      192KB

      Download

    • memory/2804-14-0x0000000001FA0000-0x0000000001FC0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/2804-10-0x00000000004E0000-0x0000000000520000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2804-6-0x0000000001D40000-0x0000000001DD0000-memory.dmp

      Filesize

      576KB

      Download