Static task: static1

Behavioral task: behavioral1
Sample: bd0ef776f8a1ff7b774b2f003d9cac80de436bcfb878b8e6c105f171f3a5e84b.dll
Resource: win7v20201028
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: bd0ef776f8a1ff7b774b2f003d9cac80de436bcfb878b8e6c105f171f3a5e84b.dll
Resource: win10v20201028
0 signatures, 0 seconds
Errors
Reason
config extraction: CobaltStrike: pe: invalid address
General
Target: bd0ef776f8a1ff7b774b2f003d9cac80de436bcfb878b8e6c105f171f3a5e84b
Size: 244KB
MD5: 4a6ac9379a35b32c84605043a56e62c3
SHA1: a0a2639be7f2e36b7e3ce7f426c9789041321d86
SHA256: bd0ef776f8a1ff7b774b2f003d9cac80de436bcfb878b8e6c105f171f3a5e84b
SHA512: ca9d9efb779878c64299c63f9a68899c035d18e5a45273d7971a664eac95ce7034a9b1d654e4cb804cbb3da77ee140cb31d421841310d47f30a382a61244cfcb
Score: 10/10
Malware Config
Signatures
Cobalt Strike reflective loader (1 IoC)
Detects the reflective loader used by Cobalt Strike.
Processes:
resource: sample, yara_rule: cobalt_reflective_dll
Cobaltstrike family
Files
bd0ef776f8a1ff7b774b2f003d9cac80de436bcfb878b8e6c105f171f3a5e84b.dll windows x86