Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
27-06-2024 13:22
Static task
static1
Behavioral task
behavioral1
Sample
cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965.exe
Resource
win10v2004-20240508-en
General
-
Target
cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965.exe
-
Size
19KB
-
MD5
c49969d7ad788266ef9165fbc933b4e7
-
SHA1
5d850d5afef4c939ede418d0923b2d76d64b7c10
-
SHA256
cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965
-
SHA512
a7141d0079c05cd8e536d76825469ac9b8c59c5bb6e980b8ac30dba449fcb4e2717f842efbb8523ae71d0c495e9b71023c4092c8be3777f71147c9ba2627d20d
-
SSDEEP
192:rV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2SMPqazQWF8qa1Dojjgi:FqaCF31cix+Dc4zj3MPqaz1FF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.67.99:80/PpXE
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; NP07; NP07)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.