SYMBOLCOMMON_NAMEaka. SYNONYMS
win.cobaltmirage_tunnel (Back to overview)

CobaltMirage FRP


This Go written malware was observed during campaign of COBALT MIRAGE; it includes FRP (Fast Reverse Proxy) published by fatedier on GitHub (https://github.com/fatedier/frp) and other projects additionally.

References
2022-05-12SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20220512:cobalt:6d50163, author = {Counter Threat Unit ResearchTeam}, title = {{COBALT MIRAGE Conducts Ransomware Operations in U.S.}}, date = {2022-05-12}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/cobalt-mirage-conducts-ransomware-operations-in-us}, language = {English}, urldate = {2022-05-13} } COBALT MIRAGE Conducts Ransomware Operations in U.S.
CobaltMirage FRP

There is no Yara-Signature yet.