General
Target: 704-55-0x00000000005C0000-0x00000000006C1000-memory.dmp
Size: 1.0MB
MD5: cfa1a9363ff0a8199b54797f935462ce
SHA1: 9685d6f5aef7b4f4e36fb6ebbb04017f75f535f2
SHA256: e5552775e05c1ff1b8b3b1363c0981adff0e5445b0e8029cc1dee5212f828aeb
SHA512: a6aa1615cf2accbfa25617eedad0565cd1101ec303e7427f3c14ec6ba0ba58f8e9f6d4453df2b9eeded9b30e1cc4234c162dcc38d60d0263a064cf266e8b2721
SSDEEP: 24:Oapq9Kkmp5WPRqr7PrkZgKWn2DOIRwIqjGEL:OR9S5NrfkZF+CO15jPL
Malware Config
Extracted
cobaltstrike
http://47.92.173.228:443/socialapiVersion=2.0
user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Host: officecdn.microsoft.com
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4044.62 Safari/537.26
Signatures
Cobaltstrike family
Files
704-55-0x00000000005C0000-0x00000000006C1000-memory.dmp