Analysis
max time kernel: 149s
max time network: 155s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 29-06-2024 10:26
Static task: static1
Behavioral task: behavioral1
Sample: 8b84ee1cb9a1026a474dcbc9bf1428f5e1b65b4a260e2d31a9e8e3a962a43f2b.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 8b84ee1cb9a1026a474dcbc9bf1428f5e1b65b4a260e2d31a9e8e3a962a43f2b.exe
Resource: win10v2004-20240508-en
General
Target: 8b84ee1cb9a1026a474dcbc9bf1428f5e1b65b4a260e2d31a9e8e3a962a43f2b.exe
Size: 187KB
MD5: 79cabd9ea31799d0fc21e2c4e0306c3f
SHA1: 32c18c0ea2740ecc75a75105392245e450dee16b
SHA256: 8b84ee1cb9a1026a474dcbc9bf1428f5e1b65b4a260e2d31a9e8e3a962a43f2b
SHA512: 3146a74f5e6e826211f30d6575b88554993d3c0ffc253827f6195e381972fc2f4125f70715edf6ef76376023f9b9c9c62d6a01481a45f92144836213619675c4
SSDEEP: 3072:v11TA08lyDDnOgAUVKuKYYqVBrWKiqq9Iii:QyDDOWW/n
Malware Config
Extracted
cobaltstrike
http://192.168.116.129:930/Xbr1
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.