How to Use Ghidra to Analyse Shellcode and Extract Cobalt Strike Command & Control Servers
Tags
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 03a37e37-e53e-4014-b80a-34b404524286
Fingerprint 260802727bad1729
Analysis status DONE
Considered CTI value -2
Text language
Published Dec. 8, 2023, 12:36 p.m.
Added to db Aug. 31, 2024, 2:41 a.m.
Last updated Sept. 3, 2024, 6:40 a.m.
Headline UNKNOWN
Title How to Use Ghidra to Analyse Shellcode and Extract Cobalt Strike Command & Control Servers
Detected Hints/Tags/Attributes 28/1/3
Source URLs
Redirection Url
Details Source https://www.embeeresearch.io/ghidra-basics-shellcode-analysis/
URL Provider
Details Provider Source level domain
Details embeeresearch.io www.embeeresearch.io
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 107 Embee Research https://embee-research.ghost.io/rss/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 5 
blobrunner.exe
Details sha256 1 
26f9955137d96222533b01d3985c0b1943a7586c167eceeaa4be808373f7dd30
Details IPv4 1 
195.211.98.91