 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: CobInt| Names | CobInt COOLPANTS | |
| Category | Malware | |
| Type | Downloader | |
| Description | (Proofpoint) CobInt is a downloader malware written in C. Its name is based on the association of the malware with the “Cobalt Group” threat actor and an internal DLL name of “int.dll” used in some of the samples. The malware can be broken up into three stages: an initial downloader that downloads the main component, the main component itself, and various additional modules. | |
| Information | <https://www.proofpoint.com/us/threat-insight/post/new-modular-downloaders-fingerprint-systems-part-3-cobint> <https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/cobalt_upd_ttps/> <https://asert.arbornetworks.com/double-the-infection-double-the-fun/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.cobint> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:CobInt> | |
Last change to this tool card: 10 July 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Cobalt Group |  | 2016-Oct 2019 |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |