cobaltstrike | e08f320bff09e66d4620b81bde5c5e3a9adff17f3e09c7f3d82eb570c51459a5

Analysis

max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
27-06-2024 13:22

Target

e08f320bff09e66d4620b81bde5c5e3a9adff17f3e09c7f3d82eb570c51459a5.exe
Size

162KB
MD5

cc36f39af1b63b75ffdda3410b32633d
SHA1

dea46120369a4610d0a7a027ca2cee59b0c51d4b
SHA256

e08f320bff09e66d4620b81bde5c5e3a9adff17f3e09c7f3d82eb570c51459a5
SHA512

446422dd58e962100c4454e2aec2b75be5c1c4078fc58a8b79fc7dbad6f4c2dc0a5e3922e98e81755fa63c61f740f5ad4078ab52e4ec20900160ddc62bf11e3a
SSDEEP

1536:T00MZ1Jcffffffffffffffffffffffffffffffffffffffffffffffffffflfffd:T1O1

Score

10^/10

Family

cobaltstrike

http://192.168.253.128:11802/s3nI

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Xbox)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\e08f320bff09e66d4620b81bde5c5e3a9adff17f3e09c7f3d82eb570c51459a5.exe
"C:\Users\Admin\AppData\Local\Temp\e08f320bff09e66d4620b81bde5c5e3a9adff17f3e09c7f3d82eb570c51459a5.exe"
1⤵
PID:2052

memory/2052-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2052-1-0x0000000000400000-0x0000000000430000-memory.dmp

Filesize
192KB

Download