cobaltstrike | cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965

Analysis

max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
27-06-2024 13:22

Target

cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965.exe
Size

19KB
MD5

c49969d7ad788266ef9165fbc933b4e7
SHA1

5d850d5afef4c939ede418d0923b2d76d64b7c10
SHA256

cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965
SHA512

a7141d0079c05cd8e536d76825469ac9b8c59c5bb6e980b8ac30dba449fcb4e2717f842efbb8523ae71d0c495e9b71023c4092c8be3777f71147c9ba2627d20d
SSDEEP

192:rV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2SMPqazQWF8qa1Dojjgi:FqaCF31cix+Dc4zj3MPqaz1FF46gi

Score

10^/10

Family

cobaltstrike

http://192.168.67.99:80/PpXE

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; NP07; NP07)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965.exe
"C:\Users\Admin\AppData\Local\Temp\cb0a4eaaca60ede27a871d5f9f6cd8f8c8570974030a8f2c33dbc6dab83ff965.exe"
1⤵
PID:2356

memory/2356-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2356-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download