General

  • Target

    2420-1-0x00000000003A0000-0x00000000003DD000-memory.dmp

  • Size

    244KB

  • MD5

    ee4dd5b74fe642d7754ea44df9f7ab30

  • SHA1

    0fa4ab2041f12a904aa239fee290b65131d66be9

  • SHA256

    e24a098b266155c15ff29af8ed359ff962757b494a4d935eb6987cfe9403207f

  • SHA512

    3fd483db378b5d2ae8b065b0bf3bcdb653fc2becd0ba0d373d7f1beab44be60a118da557dea54de461b6dbbacaa54bf74facb22ef9d2ca32b45e7e3e243a6b40

  • SSDEEP

    3072:S3Ub/Ef4+iMY1KTmbOYfTiBW7+bIMoB8rtsLho9j1UC455zz:nEfniS697i47Jt8OLhkj

Score
10/10

Malware Config

Signatures

  • Cobalt Strike reflective loader (1 IoC)

    Detects the reflective loader used by Cobalt Strike.

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2420-1-0x00000000003A0000-0x00000000003DD000-memory.dmp
    .dll windows:5 windows x86 arch:x86

