General

  • Target

    05c2fe5d11e8980882ee8d56c6e261057f27fdffbf31a919f24bf77aa2fea5c5

  • Size

    113KB

  • MD5

    acf70efd6f54c4084ec1b688e8636674

  • SHA1

    9e23589fd977edb7a027e0aef6e12601888eb618

  • SHA256

    05c2fe5d11e8980882ee8d56c6e261057f27fdffbf31a919f24bf77aa2fea5c5

  • SHA512

    14bcb6ec2c0e4fe3fd700027a354bf9115037c5a7239bd9305e7c4983757d74a21ca6baafb541a5cca724db9e86368f6ae42c09bc753ece5ab685c3490c247f6

  • SSDEEP

    3072:Anr2dYRu0qbgZipt/JVPdpVdFA+hqnRJOq0oyHc:QLRzZiJXndFLhqxpH

Score
10/10

Signatures

  • Cobalt Strike reflective loader 1 IoCs

    Detects the reflective loader used by Cobalt Strike.

  • Cobaltstrike family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 05c2fe5d11e8980882ee8d56c6e261057f27fdffbf31a919f24bf77aa2fea5c5
    .zip

    Password: infected

  • b65913b8856909caa657d911add19567d5caea190baf5df4609d47be479b48ef
    .dll windows:5 windows x86 arch:x86

    cef0a8b67e0adea9dbc532568c79bb24

