cobaltstrike | 1400-56-0x0000000000810000-0x000000000085E000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1400-56-0x...ry.dll

windows7-x64

3

1400-56-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1400-56-0x0000000000810000-0x000000000085E000-memory.dll

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

1400-56-0x0000000000810000-0x000000000085E000-memory.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1400-56-0x0000000000810000-0x000000000085E000-memory.dmp
Size

312KB
MD5

b8ff074e6acf04f12ae5078194677be1
SHA1

b96605941683fa4138b8e6f7d6c8aab443dae567
SHA256

12194fefa825e90ee1559057a7a502937f14623a722fd07987017b2f266bcfa5
SHA512

2b60ffa3dd34988a845fda17061db5b9edbd6f63b688d0efdce121b9e76ab702d6954683062098cc91bcfc159994cb2ae4fa5f28778163dc798faf0a221f22f6
SSDEEP

3072:7c0nsHpyvGj346lbkBN/gppj8aJGIhxjT3A8ygbLAZmitdGYLtV+YJnb/S1PlxcB:7c0bPzIpt8ahTw8PHA8itQW+psuE

Score

10^/10

0 cobaltstrike

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes

watermark
0

Signatures

Cobaltstrike family
cobaltstrike

Files

1400-56-0x0000000000810000-0x000000000085E000-memory.dmp
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy