GitHub - mai1zhi2/SharpBeacon: CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 39a511fc-afff-4f37-93d7-30e2bbbedd62 |
| Fingerprint | 623353680208922f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 1, 2021, midnight |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 1 a.m. |
| Headline | mai1zhi2/SharpBeacon |
| Title | GitHub - mai1zhi2/SharpBeacon: CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能 |
| Detected Hints/Tags/Attributes | 14/0/19 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://github.com/mai1zhi2/SharpBeacon |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 8 | bbs.pediy.com |
|
| Details | Domain | 61 | system.windows |
|
| Details | File | 1 | 复制到config.cs |
|
| Details | File | 1 | 并在config.cs |
|
| Details | File | 1 | config.cs |
|
| Details | File | 1 | sharpbeacon.exe |
|
| Details | File | 1 | bopin2020师傅在win11测试calc.exe |
|
| Details | File | 1 | thread-269115.htm |
|
| Details | File | 1 | gadgettojscript.exe |
|
| Details | File | 29 | program.cs |
|
| Details | File | 5 | forms.dll |
|
| Details | File | 1 | 测试时在make_token后执行了cmd.exe |
|
| Details | File | 1 | 被注入的程序是64位的calc.exe |
|
| Details | File | 1 | 但最后calc.exe |
|
| Details | File | 1 | 被注入的calc.exe |
|
| Details | IPv4 | 1 | 10.10.10.165 |
|
| Details | IPv4 | 1 | 192.168.202.180 |
|
| Details | IPv4 | 3 | 192.168.202.1 |
|
| Details | Url | 1 | https://bbs.pediy.com/thread-269115.htm |