cobaltstrike | 1296-85-0x0000000003600000-0x0000000003631000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1296-85-0x0000000003600000-0x0000000003631000-memory.dmp
Size

196KB
MD5

a247eb43988cb820832f490f6a191222
SHA1

6b2c54d9a576659c2d3d150223a4dd9af7130bcc
SHA256

aa2559e1a546e41c35fa5f9aa4fe5bf299b576877e5a2f221ae5f21fd47a2c56
SHA512

84ef072f429f088fc2bb8289b73eddb06d84a40ea33859cb3faaed1edbfe875ff0277daf31b718e515f7d105d957b4ed01727001aa8ae7e6e6283b19023f68ea
SSDEEP

3072:xIxByWpX/LkK2Ipa9wG9161UicpoTJkVEuQqKxjGFvK:WxByCX/LkK2IU9wGHdWwBQ9xjIK

Score

10^/10

cobaltstrike

Malware Config

Signatures

Cobaltstrike family
cobaltstrike

Files

1296-85-0x0000000003600000-0x0000000003631000-memory.dmp
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ