Alias Description | Votes |
---|---|
Nokoyawa is a possible alias for Cobaltstrike. Nokoyawa is a prominent malware, specifically ransomware, that has been linked to numerous cybercrime activities since it first emerged in 2022. It has been associated with various other malware families including Quantum, Royal, BlackBasta, and a variety of others such as Emotet, IcedID, CobaltStri | 3 |
IcedID is a possible alias for Cobaltstrike. IcedID is a malicious software (malware) that has been implicated in numerous cybercrime campaigns. It has been associated with other notable malware such as Qakbot, BazarLoader, CobaltStrike, Conti, Gozi, Trickbot, Quantum, Emotet, Pikabot, and SystemBC. Its distribution often involves the use of d | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Gootloader Malware is associated with Cobaltstrike. Gootloader is a potent malware, often used as an infostealer or deployed prior to ransomware attacks. It's known for its unique approach of Search Engine Optimization (SEO) poisoning, where victims are deceived into clicking on malicious links disguised as legitimate resources. A significant campaig | Unspecified | 3 |
The Droxidat Malware is associated with Cobaltstrike. DroxiDat, a new variant of the SystemBC malware, was deployed in a series of attacks on critical infrastructure targets in Africa during the third and fourth weeks of March. The malware, which acts as a system profiler and simple SOCKS5-capable bot, was specifically detected at an electric utility c | Unspecified | 2 |
The Emotet Malware is associated with Cobaltstrike. Emotet is notorious malware (malicious software) designed to exploit and damage computers or devices. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user, with the potential to steal personal information, disrupt operations, | Unspecified | 2 |
The TrickBot Malware is associated with Cobaltstrike. TrickBot is a notorious malware developed by cybercriminals to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software can steal personal information, disrupt operations, or even hold data hostage for ransom. Vladimir Dunaev, | Unspecified | 2 |
The QakBot Malware is associated with Cobaltstrike. Qakbot is a type of malware, or malicious software, that infiltrates computer systems to exploit and damage them. This harmful program can infect devices through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt ope | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Earth Baku Threat Actor is associated with Cobaltstrike. Earth Baku, a threat actor linked to the China-associated APT group APT41, has emerged as a significant cybersecurity threat with operations extending beyond the Indo-Pacific region. Since late 2022, Earth Baku has expanded its malicious activities into Europe, the Middle East, and Africa. The group | Unspecified | 2 |