cobaltstrike | d06315a19c86f742fc4e8eea287fcf322bc0b91be608c37a18ce739e5938c008 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d06315a19c86f742fc4e8eea287fcf322bc0b91be608c37a18ce739e5938c008
Size

143KB
MD5

526c5765a1763b78b12c4a65d16bcf17
SHA1

8010b3cec32f1f9057d29b6340080ffe143e9e92
SHA256

d06315a19c86f742fc4e8eea287fcf322bc0b91be608c37a18ce739e5938c008
SHA512

ac6414954a40a2f04890e098adbb5c9096b668f02e4ea9036dea7a8f39056e65266761ef0f155ef21880c619f7b5d7ebc6845e1319e507ce51ffbfb37ee9311c
SSDEEP

3072:Xy6VEptcRXsHPDebaAiKqdR9kPHQx1vd7Q9HZi:HVEw+ebaAEXos

Score

10^/10

cobaltstrike

Malware Config

Signatures

Cobaltstrike family
cobaltstrike

Files

d06315a19c86f742fc4e8eea287fcf322bc0b91be608c37a18ce739e5938c008
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE