General

  • Target

    704-55-0x00000000005C0000-0x00000000006C1000-memory.dmp

  • Size

    1.0MB

  • MD5

    cfa1a9363ff0a8199b54797f935462ce

  • SHA1

    9685d6f5aef7b4f4e36fb6ebbb04017f75f535f2

  • SHA256

    e5552775e05c1ff1b8b3b1363c0981adff0e5445b0e8029cc1dee5212f828aeb

  • SHA512

    a6aa1615cf2accbfa25617eedad0565cd1101ec303e7427f3c14ec6ba0ba58f8e9f6d4453df2b9eeded9b30e1cc4234c162dcc38d60d0263a064cf266e8b2721

  • SSDEEP

    24:Oapq9Kkmp5WPRqr7PrkZgKWn2DOIRwIqjGEL:OR9S5NrfkZF+CO15jPL

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.92.173.228:443/socialapiVersion=2.0

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Host: officecdn.microsoft.com
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4044.62 Safari/537.26

Signatures

Files

  • 704-55-0x00000000005C0000-0x00000000006C1000-memory.dmp