cobaltstrike | 1260-137-0x0000000000AD0000-0x0000000000B07000-memory[.]dmp

Sharing

Copy URL

Twitter E-mail

General

Target

1260-137-0x0000000000AD0000-0x0000000000B07000-memory.dmp
Size

220KB
MD5

ce33471868bae74150f0ce3a7f0aac51
SHA1

101adbb952236e2fcc92f99102c4e498c3a0aaf8
SHA256

1cafa05278b9193e818cd578e01511fce5767e8755781722d1779cceb30405b7
SHA512

3b20bc6870315bfcf0511546b4c9764c540d37007f1abcad8311518074327297920fd868476c95f899b4d94f43acc43069dcfefa9ae21603f79a8d67dd8876bd
SSDEEP

6144:766Jk8IxXC3YSL2a1Wd7h00Lks1YarGR8rjXuqpjHI:2Uv0XyYmYvbLks1YarGR8OWjo

Score

10^/10

cobaltstrike

Malware Config

Signatures

Cobaltstrike family
cobaltstrike

Files

1260-137-0x0000000000AD0000-0x0000000000B07000-memory.dmp
.dll windows x86

2784a31e81408c6a1b0043d146be54b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

��

��
��
��
��V
��
��
��
��
��
��Ô
��
��
��
��
��
��
��
��
��
��
��
��
��
��.��3��ê��0��񅪱��1��񍦻��
��.��3��ê��0��񅪱��1��񍦻��
��.��3��ê��0��񅪱��1��񍦻��
��3��ê��0��񅪱��1��񍦻��
��ê��0��񅪱��1��񍦻��
��0��񅪱��1��񍦻��
��񅪱��1��񍦻��
��񍦻��
��
��
��񐭢��
��
��
��
��
��x
��>��j��
��j��
��
��u��
��
��
��
��
��#��
��
��
��
��G��
��
��C��񅪱��
��񅪱��
��񍦻��\��
��
��
��
��
��
��A��
��
��
��
��f��
��d��f��
��
��
��
��
��
��
��
��
��
��ß��
��à��ß��
��
��
��
��Z��
��
��á��
��Ý��á��
��
��
��
��
��
��
��
��
��
��
��
��Ù��
��
��
��æ��
��æ��
��[��æ��
��
��
��K��
��ÿ��K��
��
��
��
��
��L��Ý��á��
��
��A��L��Ý��á��
��
��l
��
��
��ä��í��
��í��
��
��þ
��
��
��
��
��
��4��2��
��4��2��
��2��
��
��3��
��
��
��
��Ò��z��Ã��
��z��Ã��
��Ã��
��
��
��Ð��m��n��
��ì
��
��
��
��
��M
��
��
��
��
��Ê��
��
��^��
��z
��
��w
��
��n��
��m��n��

��r

��
��
��
��
��
��
��Z
��
��j
��Ü
��
��

��

ord15
ord4
ord23
ord52
ord19
��
ord16
ord116
ord3
��
ord14
ord9
ord8
ord22
ord111
ord10
ord1
ord13
ord151
ord2
ord20
ord18
ord11
ord17
ord115

Exports

Exports

_ReflectiveLoader@4

Sections

��
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

��
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��
Size: 16KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2784a31e81408c6a1b0043d146be54b5

Headers

DLL Characteristics

File Characteristics

Imports

�������������

������������r

�����������

Exports

Exports

Sections

������ Size: 153KB - Virtual size: 152KB

������� Size: 39KB - Virtual size: 39KB

������ Size: 16KB - Virtual size: 49KB

������� Size: 8KB - Virtual size: 7KB

��

��r

��

��
Size: 153KB - Virtual size: 152KB

��
Size: 39KB - Virtual size: 39KB

��
Size: 16KB - Virtual size: 49KB

��
Size: 8KB - Virtual size: 7KB