General

  • Target

    c4331ed28ba40390688140fbff8b8dfdd81a79fbcac254251c58489d41d6f851

  • Size

    105KB

  • MD5

    8a00c2c31e3b06caf5bdd8fdd2df1aad

  • SHA1

    6e3e4915f3fbd8ef1a263d69b11347b4bf5a8610

  • SHA256

    c4331ed28ba40390688140fbff8b8dfdd81a79fbcac254251c58489d41d6f851

  • SHA512

    7539712f1106fd15016afe43bdeb76b9a3be05bb575b0ee6afbf1128d7d7a74b5f1c662736c40da4e62fd5a6d934f8976682b2436a4acbdc8270a73a22e391f5

  • SSDEEP

    3072:GfB4kRv/uZgDwXLOXg1rjUvTWl310Sdifg4:GJjRuZugkg18vTW51Ug4

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes
  • watermark

    0
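The family, botnet and watermark values under Malware Config are read from Beacon's embedded configuration blob. That blob is stored XOR-encoded with a single-byte key (0x69 in Cobalt Strike 3.x, 0x2e in 4.x) as a list of big-endian records of the form index(2) type(2) length(2) value, where type 1 is a short, 2 an int and 3 raw data. The Python below is an added example, not part of this report or of any Cobalt Strike tooling: it locates the blob by searching for the XOR-encoded header of the first record (index 1, BeaconType), decodes it and reads the settings, including the watermark. The sample blob, the host c2.example.invalid and every other field value in build_sample are constructed; the index-to-name table is a partial subset taken from public Beacon config parsers.

```python
import struct

# Single-byte XOR keys used for Beacon's embedded config (0x69 in 3.x, 0x2e in 4.x).
XOR_KEYS = (0x69, 0x2E)

# Record value types inside the decoded config.
T_SHORT, T_INT, T_DATA = 1, 2, 3

# Partial subset of setting indices, as documented by public Beacon config parsers;
# anything not listed here is reported by number.
FIELD_NAMES = {
    1: "BeaconType", 2: "Port", 3: "SleepTime", 4: "MaxGetSize", 5: "Jitter",
    7: "PublicKey", 8: "C2Server", 9: "UserAgent", 10: "HttpPostUri",
    37: "Watermark", 40: "KillDate",
}
STRING_FIELDS = {8, 9, 10}  # NUL-padded text; other type-3 records stay raw bytes

# Every record is big-endian: index(2) type(2) length(2) value(length bytes).
# Record 1 is always BeaconType (short, length 2), so its header XORed with the
# key is a reliable marker for locating the blob inside a PE or memory dump.
FIRST_RECORD_HDR = struct.pack(">HHH", 1, T_SHORT, 2)


def find_config(blob: bytes):
    """Return (offset, xor_key) of the encoded config inside blob, or None."""
    for key in XOR_KEYS:
        marker = bytes(b ^ key for b in FIRST_RECORD_HDR)
        off = blob.find(marker)
        if off != -1:
            return off, key
    return None


def parse_config(blob: bytes) -> dict:
    """Locate, decode and parse a Beacon config; raises ValueError if none is found."""
    found = find_config(blob)
    if found is None:
        raise ValueError("no Beacon config marker found")
    off, key = found
    data = bytes(b ^ key for b in blob[off:])
    cfg, pos = {}, 0
    while pos + 6 <= len(data):
        idx, typ, length = struct.unpack_from(">HHH", data, pos)
        pos += 6
        if idx == 0:                      # a zero index terminates the setting list
            break
        raw = data[pos:pos + length]
        pos += length
        if typ == T_SHORT:
            value = struct.unpack(">H", raw[:2])[0]
        elif typ == T_INT:
            value = struct.unpack(">I", raw[:4])[0]
        elif idx in STRING_FIELDS:
            value = raw.rstrip(b"\0")
        else:
            value = raw
        cfg[FIELD_NAMES.get(idx, f"setting_{idx}")] = value
    return cfg


# --- constructed sample (not a real Beacon), built with the same encoding ---------

def encode_record(idx: int, typ: int, value, length: int = 0) -> bytes:
    if typ == T_SHORT:
        raw, length = struct.pack(">H", value), 2
    elif typ == T_INT:
        raw, length = struct.pack(">I", value), 4
    else:
        raw = value.ljust(length, b"\0")
    return struct.pack(">HHH", idx, typ, length) + raw


def build_sample(key: int = 0x2E) -> bytes:
    """Synthetic config with watermark 0, like the report above, surrounded by junk bytes."""
    plain = b"".join([
        encode_record(1, T_SHORT, 8),                                   # constructed BeaconType
        encode_record(2, T_SHORT, 443),
        encode_record(3, T_INT, 60000),
        encode_record(5, T_SHORT, 20),
        encode_record(8, T_DATA, b"c2.example.invalid,/updates", 64),  # constructed host,uri
        encode_record(37, T_INT, 0),                                    # Watermark = 0
    ]) + b"\0" * 8                                                      # terminator
    encoded = bytes(b ^ key for b in plain)
    return b"\x90" * 32 + encoded + b"\xcc" * 32


if __name__ == "__main__":
    for name, value in parse_config(build_sample()).items():
        print(f"{name:12} {value!r}")
```

A watermark of 0 is what cracked or trial builds carry rather than a licensed customer ID, so it identifies the build as unlicensed but does not attribute it to anyone. The marker search is the same trick public parsers use; on a packed or encrypted stager it only works on a memory dump taken after the Beacon has unpacked itself.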

Signatures

  • Cobalt Strike reflective loader (1 IoC)

    Detects the reflective loader used by Cobalt Strike.

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
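The "Unsigned PE" signature only establishes that the PE header declares no Attribute Certificate Table (data directory entry 4, IMAGE_DIRECTORY_ENTRY_SECURITY); it does not verify anything. The Python below is an added example, not part of the report or of the sandbox, that performs the same check with nothing but struct. The minimal PE32 image and the fake WIN_CERTIFICATE blob it builds are constructed for the demonstration and are not loadable binaries.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # data directory index of the Attribute Certificate Table


def security_directory(pe: bytes):
    """Return (file_offset, size) of the certificate table, or None if pe is not a PE."""
    try:
        if len(pe) < 0x40 or pe[:2] != b"MZ":
            return None
        e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
        if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return None
        opt = e_lfanew + 4 + 20                  # optional header follows the 20-byte COFF header
        magic = struct.unpack_from("<H", pe, opt)[0]
        if magic == 0x10B:                       # PE32
            num_dirs_off, dirs = opt + 92, opt + 96
        elif magic == 0x20B:                     # PE32+
            num_dirs_off, dirs = opt + 108, opt + 112
        else:
            return None
        num_dirs = struct.unpack_from("<I", pe, num_dirs_off)[0]
        if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
            return 0, 0                          # table not even declared: unsigned
        entry = dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        # Unlike the other directories this entry holds a raw file offset, not an RVA.
        return struct.unpack_from("<II", pe, entry)
    except struct.error:                         # header truncated mid-field
        return None


def is_unsigned(pe: bytes) -> bool:
    """True when the PE carries no embedded Authenticode certificate table."""
    entry = security_directory(pe)
    if entry is None:
        raise ValueError("not a PE file")
    off, size = entry
    # A table that points past the end of the file is treated as absent (truncated sample).
    return off == 0 or size == 0 or off + size > len(pe)


# --- constructed test fixtures (not real binaries) --------------------------------

# WIN_CERTIFICATE header: dwLength, wRevision (0x0200), wCertificateType (PKCS#7), padding.
FAKE_CERT = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8


def build_minimal_pe32(cert: bytes = b"") -> bytes:
    """Non-loadable PE32 header; if cert is given, declare it as the certificate table."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # 64-byte DOS header, e_lfanew=0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x2102)  # i386, no sections, 224-byte opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    header = dos + b"PE\0\0" + coff
    if cert:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         len(header) + len(opt), len(cert))
    return header + bytes(opt) + cert


if __name__ == "__main__":
    print("unsigned:", is_unsigned(build_minimal_pe32()))
    print("unsigned:", is_unsigned(build_minimal_pe32(FAKE_CERT)))
```

Two caveats apply to both this check and the sandbox signature. A present certificate table says nothing about whether the signature is valid, chains to a trusted root or covers the current file bytes; that requires WinVerifyTrust, signtool or osslsigncode. Conversely, catalog-signed Windows components carry no embedded signature at all, so "unsigned PE" on its own is a weak indicator and is only scored here in combination with the Cobalt Strike detections.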

Files

  • c4331ed28ba40390688140fbff8b8dfdd81a79fbcac254251c58489d41d6f851.zip

    Password: infected

  • bdada34f4afa0186470ec4b1528ee7e1d94ef541a8e5ea4d25d5865326a60523.dll

    Tags: windows:5 windows x86 arch:x86

    MD5: cee2783f5b537863eedf6975484fc19a