Comprehensive Threat Intelligence: Manjusaka: A Chinese sibling of Sliver and Cobalt Strike

Security researchers recently discovered a new attack framework called "Manjusaka" being used in the wild that has the potential to become prevalent across the threat landscape. This framework is advertised as an imitation of the Cobalt Strike framework.

REFERENCE: https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html

TAGS: cobalt strike, elf, manjusaka, golang, rust

MALWARE FAMILIES: Cobalt Strike, Manjusaka

ATT&CK IDS: T1055 - Process Injection, T1082 - System Information Discovery, T1102 - Web Service, T1003 - OS Credential Dumping, T1059 - Command and Scripting Interpreter, T1049 - System Network Connections Discovery, T1083 - File and Directory Discovery, T1503 - Credentials from Web Browsers, T1566 - Phishing, T1094 - Custom Command and Control Protocol

Read More:

https://otx.alienvault.com/pulse/62ea3a0cf63686d8e88b74f4