2024-06-07_bf938a6cb3f0f4e8f2e3316caa1cc530_avoslocker_cobalt-strike | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-07_bf938a6cb3f0f4e8f2e3316caa1cc530_avoslocker_cobalt-strike
Size

485KB
MD5

bf938a6cb3f0f4e8f2e3316caa1cc530
SHA1

2d98ad61235496c90fd6ea81e80bc6415671fd6c
SHA256

85acc60744e89fdb76b27e5c67e4b33fc873097b4be7c55b1cd9945bd54df1f6
SHA512

cea24b52f5504f0a59b57bfe5967666b9b492ed77685b8b1bfb9d7dbd54736ec4f112deb8f55def85262201630cc453c2cbb420a24097985a982dc3b0780fe4a
SSDEEP

6144:C7WQ0j4ltziolIGlnE2dFDwrlBu0R+J5JlLgPYfq8ZF02IlLZDI0nXe:qi4lZioxwfu0R+J5JlLgPbDI0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-07_bf938a6cb3f0f4e8f2e3316caa1cc530_avoslocker_cobalt-strike

Files

2024-06-07_bf938a6cb3f0f4e8f2e3316caa1cc530_avoslocker_cobalt-strike
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ