cobaltstrike | e497479d9ff264d34001f73dceace3f07380f623a9bb712b81c30bd4abca5b84

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
02-07-2024 05:23

Target

e497479d9ff264d34001f73dceace3f07380f623a9bb712b81c30bd4abca5b84.exe
Size

20KB
MD5

b4cdff5929c4495ba12528eccac9ebab
SHA1

44a093211d9a6beb00a1172259b1762aeeeca231
SHA256

e497479d9ff264d34001f73dceace3f07380f623a9bb712b81c30bd4abca5b84
SHA512

e5302ad79fbd57fbde4400ffc5460ec04eafd3bf487fce086c79210d8543cb845d4e8ff58c3bf3d951a919f450607ccc58f25e034ce120112102c66d341d5679
SSDEEP

192:XV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2hvjVWgWrWF8qa1Dojjgiw:BqaCF31cix+Dc4zjYvvWSFF46giw

Score

10^/10

Family

cobaltstrike

http://51.161.120.85:443/Dr3t

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\e497479d9ff264d34001f73dceace3f07380f623a9bb712b81c30bd4abca5b84.exe
"C:\Users\Admin\AppData\Local\Temp\e497479d9ff264d34001f73dceace3f07380f623a9bb712b81c30bd4abca5b84.exe"
1⤵
PID:4316

memory/4316-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/4316-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download