CobInt

Description

(Proofpoint) CobInt is a downloader malware written in C. Its name is based on the association of the malware with the “Cobalt Group” threat actor and an internal DLL name of “int.dll” used in some of the samples. The malware can be broken up into three stages: an initial downloader that downloads the main component, the main component itself, and various additional modules.

Names

Name
CobInt
COOLPANTS

Type

Downloader

Information

https://www.proofpoint.com/us/threat-insight/post/new-modular-downloaders-fingerprint-systems-part-3-cobint
https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/cobalt_upd_ttps/
https://asert.arbornetworks.com/double-the-infection-double-the-fun/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.cobint

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:CobInt

Other Information

Uuid

5f33f6de-c7c2-4598-884e-96f2720c1db6

Last Card Change

2020-07-10

Threat Intelligence Garden

Explorer

CobInt

CobInt

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks