Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
29-06-2024 10:25
Static task
static1
Behavioral task
behavioral1
Sample
0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b.exe
Resource
win10v2004-20240611-en
General
-
Target
0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b.exe
-
Size
19KB
-
MD5
09d7a9df2b95b00d352e238d99575799
-
SHA1
0559f6ce6eeb32d8483e7821326fb8d58914bc98
-
SHA256
0feb2cb1c9a50baade6780ba1e45de66e6ecffa4624a4acfe94759271570c98b
-
SHA512
d9e02050b22f4e47a5ea6d574d4223b7d44d3683db50a06bb462337bf01f1a42156dc153ed10b1c59c135f7621d01fcca836ef98320ba9f5705262b08d87ed2d
-
SSDEEP
192:pV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/26mp9z8FhWF8qa1Dojjgi:LqaCF31cix+Dc4zj8zocFF46gi
Malware Config
Extracted
cobaltstrike
http://192.168.101.81:8523/IhkA
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MAARJS)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.