2024-08-17_7b5c1c507664f8bc64639a46894183ab_avoslocker_cobalt-strike_hijackloader | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-17_7b5c1c507664f8bc64639a46894183ab_avoslocker_cobalt-strike_hijackloader
Size

485KB
MD5

7b5c1c507664f8bc64639a46894183ab
SHA1

10ef1f620eea510c57f3bc298d4ae737ae7835ea
SHA256

10938cabf586473ebcb8d1664fa6cf9524aef7760dcecb98bba6591189948884
SHA512

0e58ee39745c0893a47fea0bc45189f1cdce68181cb11a613a485024c0e89d97a13e55562bbf06dfce5b0b261ca0355e36cb91b7782c958a79e9fd750feb1f9e
SSDEEP

6144:K7WQ0j4ltziolIGlnE2dFDyrlBu0R+J5JlLgPYfq8ZF02IlLZDb0nXe:Ci4lZioxyfu0R+J5JlLgPbDb0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-17_7b5c1c507664f8bc64639a46894183ab_avoslocker_cobalt-strike_hijackloader

Files

2024-08-17_7b5c1c507664f8bc64639a46894183ab_avoslocker_cobalt-strike_hijackloader
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ