Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
28-06-2024 10:25
Static task
static1
Behavioral task
behavioral1
Sample
cfe989ff4342b3b0da61a7f3e248e928a6947a3f5e173fe639689b5648982821.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cfe989ff4342b3b0da61a7f3e248e928a6947a3f5e173fe639689b5648982821.exe
Resource
win10v2004-20240508-en
General
-
Target
cfe989ff4342b3b0da61a7f3e248e928a6947a3f5e173fe639689b5648982821.exe
-
Size
19KB
-
MD5
76ff3cb194401e9cd3299ada29e6b2bb
-
SHA1
eb3b5170ba31dbb145b489ccb04fbc4296ba380a
-
SHA256
cfe989ff4342b3b0da61a7f3e248e928a6947a3f5e173fe639689b5648982821
-
SHA512
096cf87781b59e44ebe5f501f4733c6c9f4863717eeb6e079d039da4a9ed3c28b6a4aa108febd086aca32037074bcf81ad3266a5d09803492626e7f26488c3d5
-
SSDEEP
192:iV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2FKngOWF8qa1Dojjgi:sqaCF31cix+Dc4zjdgvFF46gi
Malware Config
Extracted
cobaltstrike
http://172.17.136.238:443/N6fs
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.