Created in 2012, Cobalt Strike is a penetration testing platform whose tools have been repurposed by threat actors to facilitate cyber attacks.
Cobalt Strike's built-in features include malicious command execution, keylogging, file transfer, SOCKS proxying and privilege escalation.
Cobalt Strike consists of two main packages: the team server and the client. The team server is the C2 server, and the client is the application operators use to connect to a team server. Cobalt Strike also ships with a default malware payload, BEACON, which establishes C2 between the team server and an infected machine.
Cobalt Strike BEACON is unpacked by a variety of malware, including the recently discovered BumbleBee loader.
It has been used by CONTI, Barium, Cobalt, FIN6, StellarParticle, DeepPanda, Winnti and many others.