Cobalt Strike Attack: Threat Actors Leverage Phishing Emails
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Credentials - T1589.001 Malicious File - T1204.002 Phishing - T1660 Phishing - T1566 Remote Desktop Protocol - T1021.001 Scheduled Task - T1053.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Connection Proxy - T1090 Remote Desktop Protocol - T1076 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID 1f28b429-9ffe-4f94-91b9-942e3f9f8e4c
Fingerprint 956ebf98230ffecf
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 9, 2024, 3 a.m.
Added to db Sept. 9, 2024, 6:12 p.m.
Last updated Oct. 18, 2024, 1:30 p.m.
Headline Cobalt Strike Attack: Threat Actors Leverage Phishing Emails
Title Cobalt Strike Attack: Threat Actors Leverage Phishing Emails
Detected Hints/Tags/Attributes 36/2/6
Source URLs
Redirection Url
Details Source https://securityboulevard.com/2024/09/cobalt-strike-attack-threat-actors-leverage-phishing-emails/
URL Provider
Details Provider Source level domain
Details securityboulevard.com securityboulevard.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 226 Security Boulevard https://securityboulevard.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 65 
tuxcare.com
Details File 9 
违规远程控制软件人员名单.docx
Details File 10 
licensingui.exe
Details File 24 
dui70.dll
Details File 8 
lld.exe
Details Url 1 
https://tuxcare.com/blog/cobalt-strike-attack-threat-actors-leverage-phishing-emails