2024-01-08_9424795b39468ede70da0f63390c05a2_cobalt-strike_lockbit | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-08_9424795b39468ede70da0f63390c05a2_cobalt-strike_lockbit
Size

288KB
MD5

9424795b39468ede70da0f63390c05a2
SHA1

b246adef91e234798c6e8b1a2e7fe6b245f2ba0a
SHA256

b19f5618359e7b856752a56efc4726a9c2ff4f3e7b4afbf3ea31c5b2941dee91
SHA512

85cb33e8bcbd2a30945d918be6934527b5dd499a2ea4ff38ea1520279eca6fa5fb033f3a2522382a38095caf8bdc6e825b6eb1cb79ca81808acf98a287ecd9a4
SSDEEP

3072:m4jPfhWV9XBb0MAtrg0OoHpFcNe9kQATnMR1g2br54Qun9UItLpCEcbqGpYl7WUV:m4jUXB0MZDoJFc3nCgI6QkUIcbpO5zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-08_9424795b39468ede70da0f63390c05a2_cobalt-strike_lockbit

Files

2024-01-08_9424795b39468ede70da0f63390c05a2_cobalt-strike_lockbit
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ