Static task
static1
Behavioral task
behavioral1
Sample
b440c83d2c005fc947f8ad19cc0ffc7d4b780ecdd9b3a6bd82a82a8b07bc3a36.dll
Resource
win7v20201028
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
b440c83d2c005fc947f8ad19cc0ffc7d4b780ecdd9b3a6bd82a82a8b07bc3a36.dll
Resource
win10v20201028
0 signatures
0 seconds
Errors
Reason
config extraction: CobaltStrike: pe: invalid address
General
Target: b440c83d2c005fc947f8ad19cc0ffc7d4b780ecdd9b3a6bd82a82a8b07bc3a36
Size: 244KB
MD5: ba1029f1c462b8b8d891dab76b4f35ac
SHA1: cf3434de6ae6de2f9c9ee9153b0f577668494d51
SHA256: b440c83d2c005fc947f8ad19cc0ffc7d4b780ecdd9b3a6bd82a82a8b07bc3a36
SHA512: 690ca93f90abe24f259f84e35be61a920ca2f2c059cfde77d73c76c4a6ad1f84db4a8bf6b6c03e6fcab562dbe9a83d236d9c023a72a8c6522a50fdacbc16a590
Score: 10/10
Malware Config
Signatures
Cobalt Strike reflective loader (1 IoCs)
Detects the reflective loader used by Cobalt Strike.
Processes:
resource  yara_rule
sample    cobalt_reflective_dll
Cobaltstrike family
Files
b440c83d2c005fc947f8ad19cc0ffc7d4b780ecdd9b3a6bd82a82a8b07bc3a36.dll windows x86