General

  • Target

    588-1-0x00000000006B0000-0x00000000006EE000-memory.dmp

  • Size

    248KB

  • MD5

    62b00e0e7e69c890b0dd4a12d479c45c

  • SHA1

    c352af16290ffcfe902fd81b6d0a69d29b7f4201

  • SHA256

    0d8fc8bcb0c556c779596c23a47281b7517a225f9ad6fbfb9d4fea05cc5f957c

  • SHA512

    df0fa3f580ec846cbaae57878a2f0a3eac4e18fcbf61d1b60ebebe777d52883d4c9465f8ebb5db61b0ec4eb8a0078299102f3fca929167b8ef0af6a312682cbd

  • SSDEEP

    3072:kB1inpqPLfyy59u8CmcPRG/XTK9KQq6JGdQJt7xx30ZjlUQNY5U:kBDfyQ88CmSc/X4bJjxx30jL

Score
10/10

Malware Config

Signatures

  • Cobalt Strike reflective loader 1 IoCs

    Detects the reflective loader used by Cobalt Strike.

  • Cobaltstrike family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 588-1-0x00000000006B0000-0x00000000006EE000-memory.dmp
    .dll windows:5 windows x86 arch:x86

