Update cobaltstrike-1.txt #19132
Add Malicious IP: REFERENCE: https://github.com/conexioninversa/MalwareIntel/blob/main/C2_CobaltStrikeBeacon.csv
omg... this will take some time for me. Will re-work your records.
If you want I can leave only IP and port.
Usually I parse https://github.com/conexioninversa/C2Intel/blob/main/C2Domain.csv once a week. If I am lucky today to have stable electricity in the evening, I would proceed with your PR.
All is done for now. No need to create these trails: they do live in I have refactored detections you've proposed for merging and put them to respective trails minus some FPs. Question: https://github.com/conexioninversa/MalwareIntel/blob/main/C2_Panda.txt <-- what is it in your case? Because some vendors put name Panda for multiple Zeus banking trojan variations. And I'm a little bit confused of
Basically it is from various reversing performed on various samples obtained.
OK, expecting info from you. Thank you!
Add malicious IP CobaltStrike beacon:
Reference: https://github.com/conexioninversa/MalwareIntel/blob/main/C2_CobaltStrikeBeacon.csv