https://hexpysya.github.io/tags/mini-dump/Recent content in Mini Dump on bubka hacks stuffHugo -- gohugo.ioen-usFri, 30 Jan 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-crashdump/Fri, 30 Jan 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-crashdump/Analyzed two process dumps (notepad.exe and update.exe) revealing a Cobalt Strike Beacon infection. The malware used process injection with reflective DLL loading, communicated with C2 server at <code>101.10.25.4:8023</code>, and possessed capabilities for privilege escalation, token manipulation, and lateral movement via named pipes.