NEW | Hunt across all abuse.ch platforms with one simple query - discover if an IPv4 address, domain, URL or file hash has been identified on any platform from a centralized search tool. Test it out here hunting.abuse.ch - and happy hunting 🔍

ThreatFox Database

Indicators of Compromise (IOCs) on ThreatFox are associated with a certain malware fas. A malware sample can be associated with only one malware family. The page below gives you an overview on indicators of compromise associated with win.cobalt_strike.

You can also get this data through the ThreatFox API.

Database Entry

Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike, cobeacon
First seen:2020-12-16 15:19:53 UTC
Last seen:2025-03-14 16:58:29 UTC
Number of IOCs:108'330
Malpedia: https://malpedia.caad.fkie.fraunhofer.de/details/win.cobalt_strike

Indicators Of Compromise

The table below shows all indicators of compromise (IOCs) that are associated with this particulare malware family (max 1000).