Attention: We have transitioned to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
500 entries found.
Displaying page 1
of 25.
Trojan:Win64/Cobaltstrike
This is a detection for Cobalt Strike Beacon, which is a software component that gets deployed in target devices and allows an attacker remote access to the device to perform various tasks.
Alert level:
severe
Trojan:Win64/CobaltStrike.LP
Alert level:
severe
Trojan:Win64/CobaltStrike.KK
Alert level:
severe
Trojan:Win64/CobaltStrike.GY
Alert level:
severe
Trojan:Win64/CobaltStrike.BW
Alert level:
severe
Trojan:Win64/CobaltStrike!pz
Alert level:
severe
Trojan:Win64/CobaltStrike.STB
Alert level:
severe
Trojan:Win64/CobaltStrike.RIC
Alert level:
severe
Trojan:Win64/CobaltStrike.STD
Alert level:
severe
Trojan:Win64/CobaltStrike.STE
Alert level:
severe
Trojan:Win64/CobaltStrike.SDN
Alert level:
severe
Trojan:Win64/CobaltStrike.GYZ
Alert level:
severe
Trojan:Win64/CobaltStrike.CER
Alert level:
severe
Trojan:Win64/CobaltStrike.LKP
Alert level:
severe
Trojan:Win64/Cobaltstrike!MTB
Alert level:
severe
Trojan:Win64/Cobaltstrike!MSR
Alert level:
severe
Trojan:Win64/Cobaltstrike!rfn
Alert level:
severe
Trojan:Win64/CobaltStrike.C!sms
Alert level:
severe
Trojan:Win64/CobaltStrike.A!MTB
Alert level:
severe
Trojan:Win64/CobaltStrike.E!ibt
Alert level:
severe