Cobalt Strike DFIR: Listening to the Pipes — Blake's R&D
Tags
attack-pattern: Data Model Hooking - T1617 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Hooking - T1179 Hooking
Show in Graph
Common Information
Type Value
UUID 4dc58d1c-36b6-46ff-81bf-102d0f0dc5db
Fingerprint 36e1857e61ac4203
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 29, 2024, midnight
Added to db Sept. 26, 2022, 9:33 a.m.
Last updated Sept. 2, 2024, 10:38 p.m.
Headline Cobalt Strike DFIR: Listening to the Pipes
Title Cobalt Strike DFIR: Listening to the Pipes — Blake's R&D
Detected Hints/Tags/Attributes 40/1/2
Source URLs
Redirection Url
Details Source https://bmcder.com/blog/cobalt-strike-dfir-listening-to-the-pipes
URL Provider
Details Provider Source level domain
Details bmcder.com bmcder.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
msg.read
Details File 1 
scope.log