cobaltstrike

Hive cobaltstrike ransomware
Hive, cobaltstrike, ransomware, wmiexec
From ScreenConnect to Hive Ransomware in 61 hours
Read more
September 25, 2023
adfind Attribution cobaltstrike
adfind, Attribution, cobaltstrike, Exfiltrate Data, FIN11, FlawedGrace, Lace Tempest, truebot
A Truly Graceful Wipe Out
Read more
June 12, 2023
nokoyawa adfind cobaltstrike
nokoyawa, adfind, cobaltstrike, icedid, macro, ransomware, xls
IcedID Macro Ends in Nokoyawa Ransomware
Read more
May 22, 2023
quantum adfind cobaltstrike
quantum, adfind, cobaltstrike, icedid, ransomware, rclone, ShareFinder
Malicious ISO File Leads to Domain Wide Ransomware
Read more
April 3, 2023
cobaltstrike Exfiltrate Data ursnif
cobaltstrike, Exfiltrate Data, ursnif, wmiexec
Unwrapping Ursnifs Gifts
Read more
January 9, 2023
adfind cobaltstrike ransomware
adfind, cobaltstrike, ransomware
Emotet Strikes Again - LNK File Leads to Domain Wide Ransomware
Read more
November 28, 2022
adfind bumblebee cobaltstrike
adfind, bumblebee, cobaltstrike, Meterpreter
BumbleBee Zeros in on Meterpreter
Read more
November 14, 2022
adfind cobaltstrike Qbot
adfind, cobaltstrike, Qbot
Follina Exploit Leads to Domain Compromise
Read more
October 31, 2022
adfind bumblebee cobaltstrike
adfind, bumblebee, cobaltstrike, Meterpreter
BumbleBee: Round Two
Read more
September 26, 2022
adfind cobaltstrike emotet
adfind, cobaltstrike, emotet, Exfiltrate Data, Kerberoast, ShareFinder
Dead or Alive? An Emotet Story
Read more
September 12, 2022

The DFIR Report provides in-depth, real-world intelligence based on observed intrusions, enabling security analysts and teams 
to strengthen defenses, enhance detection, 
and accelerate response.

© 2025 The DFIR Report. All Rights Reserved. | Privacy Policy