General

  • Target

    2912-1-0x00000000005A0000-0x00000000005DD000-memory.dmp

  • Size

    244KB

  • MD5

    b922644e6973f6206e7b346d030e6e3f

  • SHA1

    027629eb931b2f6dd254b867a33fb662d7fce7db

  • SHA256

    942af170bc9c5ff803cf0c22f07eb5e911a0845812bec87243891678ad1a4f10

  • SHA512

    2ae49fc62cdb0d8594a6dc616fc4fec3a48ea3e2d1e3ae5b53b7351a75feef28628137481f644c705c4e9338d54d76b69ddc5b1e2325d2f07d77b1d540a304c3

  • SSDEEP

    3072:SX0b/Ef92TCCfKzIOYuwzi4Hrve7Iz2NsLBV19j1UU5Lyz:nEfHCyCuGi4LvJzLBRj

Score
10/10

Malware Config

Signatures

  • Cobalt Strike reflective loader 1 IoCs

    Detects the reflective loader used by Cobalt Strike.

  • Cobaltstrike family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2912-1-0x00000000005A0000-0x00000000005DD000-memory.dmp
    .dll windows:5 windows x86 arch:x86

