General
Target
1716-54-0x00000000284B0000-0x00000000285B1000-memory.dmp
Size
1.0MB
MD5
79eade5716a7a62440481736b5abbc77
SHA1
a39318998a3fecf1d18f556ff827c5726d3099fb
SHA256
21392cce96f9b0467ec0a85bfa41ee5ed217c227faf196aa692b724e14f2a92e
SHA512
9e319efc6baa8501306e1faca5917c39f645a78835d4abe8fe42d92685c4a2c0f88264673300638a0713d81a7d92f61a49c3fb30449a9424d6cedf243af416a4
SSDEEP
24:Hapq9Kkmp5WPRqtl65zv1Dw45qshMoSl60ZwGEL+:HR9S5NtCvBp7qTg0ePL+
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://api.kingame.top:443/sfviwtxn
Attributes
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E) QQBrowser/6.9.11079.201
Host: api.kingame.top
Signatures
Cobaltstrike family
Files
1716-54-0x00000000284B0000-0x00000000285B1000-memory.dmp