Static task: static1

Behavioral task: behavioral1
Sample: b54d4291f28d83a4d79700a879b0f2e77f3411eb55622c1fa71a1f765a270ae8.dll
Resource: win7v20201028, windows7_x64
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: b54d4291f28d83a4d79700a879b0f2e77f3411eb55622c1fa71a1f765a270ae8.dll
Resource: win10v20201028, windows10_x64
0 signatures, 0 seconds
Errors
Reason: config extraction: CobaltStrike: pe: invalid address
General
Target: b54d4291f28d83a4d79700a879b0f2e77f3411eb55622c1fa71a1f765a270ae8
Size: 244KB
MD5: efaee7bd4b54031c31b4008cb5e25432
SHA1: 4bdcad4f3cb10b9d4887ae8d099860ad42eeac1e
SHA256: b54d4291f28d83a4d79700a879b0f2e77f3411eb55622c1fa71a1f765a270ae8
SHA512: f3ee8c2fa5d543d5c612fe533daa890e7c66fa2537c277b56e2b9fc489cf39a7bb47a17d19e9f7209a2e4694ae55b7377289a4fa6e7807a72e0c7a3e6ad04163
Score: 10/10
Malware Config
Signatures
Cobalt Strike reflective loader (1 IoCs)
Detects the reflective loader used by Cobalt Strike.
Processes:
resource: sample, yara_rule: cobalt_reflective_dll
Cobaltstrike family
Files
b54d4291f28d83a4d79700a879b0f2e77f3411eb55622c1fa71a1f765a270ae8.dll windows x86