ioc[.]one - OSINT Cyber Threat Intelligence Database

Deobfuscating a PowerShell Cobalt Strike beacon stager

Tags

attack-pattern:

Data Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	c92f5a5d-be1b-4eaf-8b33-4cee8fb0cd77
Fingerprint	aa63b9222b9f8bcc
Analysis status	DONE
Considered CTI value	0
Text language
Published	June 3, 2023, 2 p.m.
Added to db	June 3, 2023, 4:21 p.m.
Last updated	Nov. 17, 2024, 5:58 p.m.
Headline	Deobfuscating a PowerShell Cobalt Strike beacon stager
Title	Deobfuscating a PowerShell Cobalt Strike beacon stager
Detected Hints/Tags/Attributes	28/1/5

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@cybenfolland/deobfuscating-a-powershell-cobalt-strike-beacon-loader-c650df862c34?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	File	36		compression.gzip
Details	File	11		'system.dll
Details	File	57		system.dll
Details	File	748		kernel32.dll
Details	IPv4	1		81.70.197.244