Details

_id 619df14cbb193b9d448dc131
reference ['https://twitter.com/vk_intel/status/1463220334333730817/photo/1']
md5 []
sha1 []
sha256 []
mail []
ip ['37.1.208.91']
domain []
url ['http://37.1.208.91:80']
user VK_Intel
tweet @BIOISAC Thank you for the report. 📖The sample you shared as "tardigrade" appears to be a Cobalt Strike HTTP beacon crypted w/ typical Conti ransomware group crypter following "StartW" export function. 🛡️C2: http://37.1.208.91:80 ❔Do you have any "tardigrade" samples? https://twitter.com/VK_Intel/status/1463220334333730817/photo/1
id 1463220334333730817
retweets 7
link https://twitter.com/VK_Intel/status/1463220334333730817
mentions ['@BIOISAC']
hashtags []
date 2021-11-23 18:58:07
timestamp 1637722687
