General
Target: 2208-55-0x0000000000380000-0x0000000000480000-memory.dmp
Size: 1024KB
MD5: f9e569228fb85da41ba4da8a20e38754
SHA1: 1f1f399732a90850a48eafe3916363c2183e2b60
SHA256: 64672a8d2008a2b120ab183acafbae38e8ebb6e39bcb950e74b2c03f1ab5001f
SHA512: 6c315968b225ca5bfa8809752845477a90e638a1515e9bce5e02de1cda6b13215af87066761dd06f756ab1fa26710c4b680d3134933ad6bc3815c9e83fabc751
SSDEEP: 1536:N4rHVOBM9PL2DboX5oKKUHjSBxgwBo5sP5mw:N4rHVj9PL2PKK+jSBxo5sP5mw
Score: 10/10

Malware Config
Extracted
Family: cobaltstrike
C2: http://123.207.51.53:62051/XpTA
Attributes
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; XBLWP7; ZuneWP7)

Signatures
Cobaltstrike family

Files
2208-55-0x0000000000380000-0x0000000000480000-memory.dmp