cobaltstrike | 521d55dde06e30a3ca6f67287703da744dcd87fb68bba185b857846e7af0ab9e[.]zip

General

Target

521d55dde06e30a3ca6f67287703da744dcd87fb68bba185b857846e7af0ab9e.zip
Size

133KB
MD5

482413a1d015f6a9724a228dc7037e2f
SHA1

503b1875ce15e4b12d24263e6d3493ad0b834e26
SHA256

3f33c5c0481780b55dd86c003b40dc2f0255c0112dd4ba397fc40a476cc6cfcd
SHA512

8b49c44a53c2c34e2bb4bb1b6f954f5945b43d007f0ea6a17f013417e8de077686c0fe26bb59a8dfaee9bd14f3e009487a41b18a3852a8a56a95f014b8b1be43
SSDEEP

3072:SsuXwPVOB6bz7T/VdntR3NRuH/7kV0zF6NAhvsSAlPCg21:SshsB6/Vdj3NRm7K0z2AhE5PfO

Score

10^/10

0 cobaltstrike

Family

cobaltstrike

Botnet

0

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/521d55dde06e30a3ca6f67287703da744dcd87fb68bba185b857846e7af0ab9e

521d55dde06e30a3ca6f67287703da744dcd87fb68bba185b857846e7af0ab9e.zip
.zip

Password: infected
521d55dde06e30a3ca6f67287703da744dcd87fb68bba185b857846e7af0ab9e
.dll windows:5 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ