cobaltstrike | 10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c

Analysis

max time kernel
148s
max time network
150s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 22:26

Target

10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c_NeikiAnalytics.exe
Size

17KB
MD5

d1d71a548b5208dc95ccd52111536370
SHA1

cbfb95ac2c5a4b77d9762bd62aa181b141043291
SHA256

10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c
SHA512

a90863627d8f65b851c8fdae74f80c602614b42018d84a559ed7ba6d5d6cb2223d7426d899602d70e820651a4e83e335b9d9ceab018f0f92cc85ef2000eb0896
SSDEEP

192:dDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4kkJBUbOj6kxiY:dDMAoKz6WtKEj7aBDitkJbAY

Score

10^/10

Family

cobaltstrike

http://192.168.17.131:80/Rj2o

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSSEM)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c_NeikiAnalytics.exe"
1⤵
PID:2440

memory/2440-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2440-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download