General
Target: 1300-74-0x0000000003C80000-0x0000000004080000-memory.dmp
Size: 4.0MB
MD5: d44ae807442a4be5e09a1150c62df3a9
SHA1: f1264681e3a23885ec151c30e83918a937f7c1a6
SHA256: 6bc98d41f0f002c25306561eba92bbb170358b3da88a27579e421dee0332bf8c
SHA512: 056e8bcd3d015a916d438551af3cab863e00fa535514300d444a187eddf272c6196ae4fa49d57a7c8a556a2c9f5eeec87942c9e827a98c9924fa80c61da40505
SSDEEP: 3072:g3vli2EJv1RBuZH3JxgYhgipvLKoTte0SqoOCtA21/wlULGs7jnZdFjdUL5Nw:g3vyJNRkZHBvZp0qoOCu2pkojnZHj
Score: 10/10
Malware Config
Signatures
Cobalt Strike reflective loader 1 IoCs
Detects the reflective loader used by Cobalt Strike.
resource yara_rule sample cobalt_reflective_dll
Cobaltstrike family
Files
1300-74-0x0000000003C80000-0x0000000004080000-memory.dmp