Details

_id 62eb6ec8348d24c6a7972c55
reference ['https://www.virustotal.com/gui/file/ca29912297f84253ef2c1638df3b9424104d723a0c48e765a5441f1df608c0f9/detection', 'https://twitter.com/cyb3rops/status/1554841952520388608/photo/1', 'https://www.sentinelone.com/blog/living-off-windows-defender-lockbit-ransomware-sideloads-cobalt-strike-through-microsoft-security-tool/']
md5 []
sha1 []
sha256 ['ca29912297f84253ef2c1638df3b9424104d723a0c48e765a5441f1df608c0f9']
mail []
ip []
domain []
url []
user cyb3rops
tweet That's an interesting beacon loader used in DLL side-loading with MpCmdRun.exe Sample https://www.virustotal.com/gui/file/ca29912297f84253ef2c1638df3b9424104d723a0c48e765a5441f1df608c0f9/detection Report on the DLL side-loading https://www.sentinelone.com/blog/living-off-windows-defender-lockbit-ransomware-sideloads-cobalt-strike-through-microsoft-security-tool/ https://twitter.com/cyb3rops/status/1554841952520388608/photo/1
id 1554841952520388608
retweets 23
link https://twitter.com/cyb3rops/status/1554841952520388608
mentions []
hashtags []
date 2022-08-03 14:49:43
timestamp 1659563383
