cobaltstrike | 5ebbf0559b72c11d43ee85f6da21ff3e7f41397974d35e9b834eb93256eaff22

Analysis

max time kernel
149s
max time network
151s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
30-06-2024 22:25

Target

5ebbf0559b72c11d43ee85f6da21ff3e7f41397974d35e9b834eb93256eaff22.exe
Size

19KB
MD5

d21a955e08b53f59553043a95a4e20a7
SHA1

f04f680bbe3164f135d78bcf8ce6525a1e8f5cfe
SHA256

5ebbf0559b72c11d43ee85f6da21ff3e7f41397974d35e9b834eb93256eaff22
SHA512

2410cb69e601a29413f7fbe7bf4d6763e1a94ba5b8f9b86baad1ece345e9cf9620d2f4a1b981bb4c8129aef245271bbca1e6b383656d3ee4a8f3c43e2c984261
SSDEEP

192:gV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2tOQtWF8qa1Dojjgi:CqaCF31cix+Dc4zjIOQAFF46gi

Score

10^/10

Family

cobaltstrike

http://101.43.161.148:4443/wKOL

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENUS)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\5ebbf0559b72c11d43ee85f6da21ff3e7f41397974d35e9b834eb93256eaff22.exe
"C:\Users\Admin\AppData\Local\Temp\5ebbf0559b72c11d43ee85f6da21ff3e7f41397974d35e9b834eb93256eaff22.exe"
1⤵
PID:2452

memory/2452-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2452-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download