c0c3gdcdTW.exe

Status: finished
Submission Time: 2023-07-24 21:25:24 +02:00
Malicious
Trojan
Evader
CobaltStrike

Comments

Tags

  • CobaltStrike
  • exe

Details

  • Analysis ID:
    1278643
  • API (Web) ID:
    1278643
  • Original Filename:
    0f98260fae28d8424c808ee593094c5a.exe
  • Analysis Started:
    2023-07-24 21:33:58 +02:00
  • Analysis Finished:
    2023-07-24 21:42:39 +02:00
  • MD5:
    0f98260fae28d8424c808ee593094c5a
  • SHA1:
    d47ecf84389fb04cf73f6290187f8070de684aae
  • SHA256:
    a3fbf1aead035c063da828ea18ed8cb85f9259ebc47851837bb510fc8737fb35
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 31/71
malicious
Score: 17/38
malicious
malicious

IPs

IP | Country | Detection
51.222.196.75 | France |

Domains

Name | IP | Detection
license.itekgroup.com | 51.222.196.75 |
werewolves.su | 51.222.196.75 |
license.werewolves.su | 51.222.196.75 |

URLs

Name Detection

Dropped files

No malicious files found. See full and IOC report for all dropped files.