General
Target: 920-54-0x0000000000020000-0x0000000000023000-memory.dmp
Size: 12KB
MD5: 91ef6673ae87a3c4336d4422b33b5e5b
SHA1: 41caf292f77fd976089ea679d923cecc53986e14
SHA256: 031d04e3894aaec446b7d046331002ad944488101b2941c8b98aac07bc609b93
SHA512: cfe5530d354eae2a55202b8133ea430b9278bbe0ee86a3bc0b656b85cbbbd4fe30585b9a56c4bf823305151058b4f517407c51955e2fd857ab32b5935cf92c76
SSDEEP: 192:czXpiesISn9Mr6nVBD27feVWcutHD9NNLWubzqShgjBp0:kpieGMenVBCqs7pNNyn0
Score: 10/10
Malware Config
Extracted
Family: cobaltstrike
C2: http://duladani.com:443/wp-includes/favicon.gif
Attributes
user_agent:
  Host: google.fr
  Connection: close
  Accept: image/jpeg
  Accept-Encoding: gzip, br
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9
Signatures
Cobaltstrike family
Files
920-54-0x0000000000020000-0x0000000000023000-memory.dmp