General
-
Target
10d7c0e08d2f5ccaee9e722c965f65c8d4a9ac54b32c542bde29c017d76bc7ae
-
Size
1.4MB
-
Sample
240702-f2zbda1gpn
-
MD5
7852d19ca1efd7a26644980df3ba01d3
-
SHA1
18cfdd421415f819d833a10c994d8d3fc31ec484
-
SHA256
10d7c0e08d2f5ccaee9e722c965f65c8d4a9ac54b32c542bde29c017d76bc7ae
-
SHA512
f69f1ec58acab14a6bf4d122649422f694c1ed4c6a992f30da5b93a717efc50360d0cba737efa1f0529ea8e21a012c6e786156d1fedad57a7940aa886e71e14c
-
SSDEEP
24576:0Hyi0YRzZgx/jtTObFtURiRQkzRQD9ZkdxTu5iZpUHLQfRRNa:HIIhTObMbIItrya
Static task
static1
Behavioral task
behavioral1
Sample
10d7c0e08d2f5ccaee9e722c965f65c8d4a9ac54b32c542bde29c017d76bc7ae.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
10d7c0e08d2f5ccaee9e722c965f65c8d4a9ac54b32c542bde29c017d76bc7ae.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
cobaltstrike
http://49.233.48.44:443/Rpc
-
user_agent
Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko)
Targets
-
-
Target
10d7c0e08d2f5ccaee9e722c965f65c8d4a9ac54b32c542bde29c017d76bc7ae
-
Size
1.4MB
-
MD5
7852d19ca1efd7a26644980df3ba01d3
-
SHA1
18cfdd421415f819d833a10c994d8d3fc31ec484
-
SHA256
10d7c0e08d2f5ccaee9e722c965f65c8d4a9ac54b32c542bde29c017d76bc7ae
-
SHA512
f69f1ec58acab14a6bf4d122649422f694c1ed4c6a992f30da5b93a717efc50360d0cba737efa1f0529ea8e21a012c6e786156d1fedad57a7940aa886e71e14c
-
SSDEEP
24576:0Hyi0YRzZgx/jtTObFtURiRQkzRQD9ZkdxTu5iZpUHLQfRRNa:HIIhTObMbIItrya
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Loads dropped DLL
-