Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
26-06-2024 10:44
Static task
static1
Behavioral task
behavioral1
Sample
e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d.exe
Resource
win10v2004-20240611-en
General
-
Target
e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d.exe
-
Size
19KB
-
MD5
eb6e7fa58cfb5706343adca25223602f
-
SHA1
7d70b24e485614a110b35156d598a9f2d7df12f8
-
SHA256
e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d
-
SHA512
e6fb82d15c41ac71c226a281d23332a92eff8f84fcf43b90b245765786fad2200fd957e34e7b6f0134fa67d550162cb6b960ce75cdb26cd6233f3501476345af
-
SSDEEP
192:0V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/29TWA7WF8qa1Dojjgi:mqaCF31cix+Dc4zjKWnFF46gi
Malware Config
Extracted
cobaltstrike
http://10.0.0.128:1234/HcdN
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.