Archive for the ‘[QuickNote.En] CobaltStrike SMB Beacon Analysis’ Category


1. Executive Summary

At VinCSS, I recently wrote an analysis related to the samples of the Mustang Panda (PlugX) group. These samples are all uploaded from Vietnam. You can read the Vietnamese or English blog post of this analysis.

However, among all the uploaded log.dll files, there is one file that is not related to the Mustang Panda group’s attack technique; it is marked in the following picture:
