Hotcobalt - New Cobalt Strike DoS Vulnerability That Lets You Halt Operations - SentinelLabs
Tags
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Denial Of Service
Show in Graph
Common Information
Type Value
UUID a57dc68e-9b8a-4934-9240-5a9bdde12cef
Fingerprint f05031807910eece
Analysis status DONE
Considered CTI value 1
Text language
Published Aug. 4, 2021, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 7, 2024, 8:48 p.m.
Headline Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations
Title Hotcobalt - New Cobalt Strike DoS Vulnerability That Lets You Halt Operations - SentinelLabs
Detected Hints/Tags/Attributes 52/1/7
Source URLs
Redirection Url
Details Source https://labs.sentinelone.com/hotcobalt-new-cobalt-strike-dos-vulnerability-that-lets-you-halt-operations/
URL Provider
Details Provider Source level domain
Details sentinelone.com labs.sentinelone.com
Attributes
Details Type #Events CTI Value
Details CVE 1 
cve-2021-36798
Details File 3 
beacon.bin
Details File 5 
parse.url
Details File 1 
rutappdatalocaltemp745f.dll
Details File 2 
windowssystem32sysprepcryptbase.dll
Details File 2 
windowssystem32sysprepsysprep.exe
Details IPv4 1 
10.7.25.101