cobaltstrike | e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d

Analysis

max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
26-06-2024 10:44

Target

e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d.exe
Size

19KB
MD5

eb6e7fa58cfb5706343adca25223602f
SHA1

7d70b24e485614a110b35156d598a9f2d7df12f8
SHA256

e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d
SHA512

e6fb82d15c41ac71c226a281d23332a92eff8f84fcf43b90b245765786fad2200fd957e34e7b6f0134fa67d550162cb6b960ce75cdb26cd6233f3501476345af
SSDEEP

192:0V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/29TWA7WF8qa1Dojjgi:mqaCF31cix+Dc4zjKWnFF46gi

Score

10^/10

Family

cobaltstrike

http://10.0.0.128:1234/HcdN

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d.exe
"C:\Users\Admin\AppData\Local\Temp\e713c7e460ca3ec49e9911fe2df8f63925a412292c76bf4479c74cf3cd4d0a5d.exe"
1⤵
PID:1952

memory/1952-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1952-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download