Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike

Gootkit has been known to use fileless techniques to drop Cobalt Strike and other malicious payloads. Insights from a recent attack reveal updates in its tactics.




MALWARE FAMILIES: Cobalt Strike, GootKit


ATT&CK IDS: T1059 - Command and Scripting Interpreter, T1140 - Deobfuscate/Decode Files or Information, T1189 - Drive-by Compromise, T1055 - Process Injection, T1003 - OS Credential Dumping, T1104 - Multi-Stage Channels, T1176 - Browser Extensions, T1053 - Scheduled Task/Job, T1112 - Modify Registry, T1059.001 - PowerShell

