Quick analysis CobaltStrike loader and shellcode

I saw the hash 2569cc660d2ae0102aa74c98d78bb9409ded24101a0eeec15af29d59917265f3 shared at malwareresearchgroup.slack.com. The sample was submitted to VirusTotal on 2021-09-01 19:47:50, where 37 security vendors flagged the file as malicious.

1. Analyze loader

This loader is a 64-bit DLL, compiled with MinGW, and has a single exported function. With the help of IDA, we can see that the ServiceMain function will spawn a […]
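The first triage step above (64-bit DLL, MinGW build, one export named ServiceMain) can be reproduced without IDA by walking the PE headers directly. The following is an added example, not code from the original post or from the malware author: a stdlib-only PE32+ export-table parser plus a MinGW-string heuristic. Because the real sample is not included here, `build_sample_dll()` constructs a synthetic stand-in DLL that exports only ServiceMain and carries a MinGW runtime string; its layout, section name and RVAs are assumptions for the demonstration.

```python
"""PE32+ export triage: is it a 64-bit DLL, what does it export, any MinGW strings?"""
import struct

def _rva_to_offset(rva, sections):
    # Map a relative virtual address to a file offset via the section table.
    for vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= rva < vaddr + max(vsize, raw_size):
            return rva - vaddr + raw_ptr
    raise ValueError(f"RVA {rva:#x} not inside any section")

def _cstr(data, off):
    return data[off:data.index(b"\x00", off)].decode("ascii", "replace")

def triage_pe(data: bytes) -> dict:
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    is_pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    # Data directories start 112 bytes into a PE32+ optional header (96 for PE32);
    # entry 0 is the export directory.
    export_rva, _export_size = struct.unpack_from("<II", data, opt + (112 if is_pe32plus else 96))
    sections = []
    for i in range(nsec):
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", data, opt + opt_size + 40 * i + 8)
        sections.append((vaddr, vsize, raw_ptr, raw_size))
    exports = []
    if export_rva:
        ed = _rva_to_offset(export_rva, sections)
        # IMAGE_EXPORT_DIRECTORY fields from offset 12: Name, Base, NumberOfFunctions,
        # NumberOfNames, AddressOfFunctions, AddressOfNames, AddressOfNameOrdinals
        _name, base, _nfuncs, nnames, aof, aon, aono = struct.unpack_from("<IIIIIII", data, ed + 12)
        names_off, ords_off, funcs_off = (_rva_to_offset(r, sections) for r in (aon, aono, aof))
        for i in range(nnames):
            name_rva = struct.unpack_from("<I", data, names_off + 4 * i)[0]
            ordinal = struct.unpack_from("<H", data, ords_off + 2 * i)[0]
            func_rva = struct.unpack_from("<I", data, funcs_off + 4 * ordinal)[0]
            exports.append((_cstr(data, _rva_to_offset(name_rva, sections)), base + ordinal, func_rva))
    return {
        "is_dll": bool(chars & 0x2000),            # IMAGE_FILE_DLL
        "is_64bit": machine == 0x8664 and is_pe32plus,
        "mingw": any(m in data for m in (b"Mingw-w64", b"mingw", b"GCC: (GNU)")),
        "exports": exports,                        # (name, ordinal, function RVA)
    }

def build_sample_dll() -> bytes:
    """Constructed stand-in for the loader (NOT the real sample): PE32+ DLL, one
    section at RVA 0x1000, exporting only ServiceMain, with a MinGW runtime string."""
    SEC_RVA, SEC_RAW, SEC_SIZE = 0x1000, 0x200, 0x200
    exp_dir, aof, aon, aono, dll_name, func_name, tag, code = 0x00, 0x28, 0x2C, 0x30, 0x40, 0x50, 0x60, 0x100
    sec = bytearray(SEC_SIZE)
    struct.pack_into("<IIHHIIIIIII", sec, exp_dir, 0, 0, 0, 0,
                     SEC_RVA + dll_name, 1, 1, 1, SEC_RVA + aof, SEC_RVA + aon, SEC_RVA + aono)
    struct.pack_into("<I", sec, aof, SEC_RVA + code)        # ServiceMain entry RVA
    struct.pack_into("<I", sec, aon, SEC_RVA + func_name)   # pointer to its name
    struct.pack_into("<H", sec, aono, 0)                    # ordinal index 0 -> Base+0
    sec[dll_name:dll_name + 11] = b"loader.dll\x00"
    sec[func_name:func_name + 12] = b"ServiceMain\x00"
    marker = b"Mingw-w64 runtime failure:\x00"
    sec[tag:tag + len(marker)] = marker
    sec[code] = 0xC3                                        # ret: the whole "body"
    dos = bytearray(0x40); dos[:2] = b"MZ"; struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x2022)  # AMD64, 1 section, DLL
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                   # PE32+ magic
    struct.pack_into("<II", opt, 112, SEC_RVA + exp_dir, 40)  # export data directory
    sh = struct.pack("<8sIIIIIIHHI", b".rdata\x00\x00", SEC_SIZE, SEC_RVA, SEC_SIZE, SEC_RAW, 0, 0, 0, 0, 0x40000040)
    headers = dos + b"PE\x00\x00" + coff + opt + sh
    return bytes(headers) + bytes(SEC_RAW - len(headers)) + bytes(sec)

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_dll()
    print(triage_pe(blob))
```

Run it against a real file with `python triage.py loader.dll`; with no argument it analyses the constructed stand-in. A DLL whose only export is ServiceMain is the shape a service-hosted loader takes, which is why the export table is the first thing to check before following the function into the shellcode stage.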

Article Link: Quick analysis CobaltStrike loader and shellcode | 0day in {REA_TEAM}