Skip to content

Hide Navigation Hide TOC

Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6)

Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as “adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors”. Cobalt Strike’s interactive post-exploit capabilities cover the full range of ATT&CK tactics, all executed within a single, integrated system.[cobaltstrike manual]

In addition to its own capabilities, Cobalt Strike leverages the capabilities of other well-known tools such as Metasploit and Mimikatz.[cobaltstrike manual]

Cluster A Galaxy A Cluster B Galaxy B Level
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software APT19 (713e2963-fbf4-406f-a8cf-6a4489d90439) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software TA505 (b3220638-6682-4a4e-ab64-e7dc4202a3f1) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software APT20 (4173c301-0307-458d-89dd-2583e94247ec) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Play (60f686d0-ae3d-5662-af32-119217dee2a7) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software TA577 (e1e72810-4661-54c7-b05e-859128fb327d) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Play Ransomware Actors (Deprecated) (6eb50f82-86cc-4eff-b1d1-66e1c6fd74f3) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software TA577 (Deprecated) (28f3dbcc-b248-442f-9ff3-234210bb2f2a) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software APT32 (c0fe9859-e8de-4ce1-bc3c-b489e914a145) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software DarkHydrus (f2b31240-0b4a-4fa4-82a4-6bb00e146e75) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Indrik Spider (3c7ad595-1940-40fc-b9ca-3e649c1e5d87) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software APT37 (013fdfdc-aa32-4779-8f6e-7920615cbf66) Tidal Groups 1
Quantum Ransomware Actors (e75a1b98-be68-467f-a8df-bcb7671543b3) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Threat Group-3390 (79be2f31-5626-425e-844c-fd9c99e38fe5) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software APT41 (502223ee-8947-42f8-a532-a3b3da12b7d9) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Earth Lusca (646e35d2-75de-4c1d-8ad3-616d3e155c5e) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software RansomHub Ransomware Actors (94794e7b-8b54-4be8-885a-fd1009425ed5) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software ToddyCat (0f41da7d-1e47-58fe-ba6e-ee658a985e1b) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Leviathan (eadd78e3-3b5d-430a-b994-4360b172c871) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Aquatic Panda (b8a349a6-cde1-4d95-b20f-44c62bbfc786) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Royal Ransomware Actors (86b97a39-49c3-431e-bcc8-f4e13dbfcdf5) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software LuminousMoth (b10aa4c0-10a1-5e08-8d9d-82ce95d45e6a) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software FIN11 (ecdbd431-d62b-4b30-8663-b1ecb4304ec0) Tidal Groups 1
Bl00dy Ransomware Gang (393da13e-016c-41a3-9d89-b33173adecbf) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software FIN12 (6d6ed42c-760c-4964-a81e-1d4df06a8800) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Sandworm Team (16a65ee9-cd60-4f04-ba34-f2f45fcfc666) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Black Basta Affiliates (7f52cadb-7a12-4b9d-9290-1ef02123fbe4) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software BlackCat Ransomware Actors & Affiliates (33159d02-a1ce-49ec-a381-60b069db66f7) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Vice Society (2e2d3e75-1160-4ba5-80cc-8e7685fcfc44) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software BlackSuit Ransomware Actors (1d751794-ce94-4936-bf45-4ab86d0e3b6e) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software menuPass (fb93231d-2ae4-45da-9dea-4c372a11f322) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software FIN6 (fcaadc12-7c17-4946-a9dc-976ed610854c) Tidal Groups 1
FIN7 (4348c510-50fc-4448-ab8d-c8cededd19ff) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
CACTUS Ransomware Actors (fac6fbf1-935f-4106-ad8b-c8fd8389dd38) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Chimera (ca93af75-0ffa-4df4-b86a-92d4d50e496e) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Cinnamon Tempest (8e059c6b-d278-5454-a234-a8ad69feb66c) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Mustang Panda (4a4641b1-7686-49da-8d83-00d8013f4b47) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Wizard Spider (0b431229-036f-4157-a1da-ff16dfc095f8) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Mustard Tempest (0898e7cb-118e-5eeb-b856-04e56ed18182) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Storm-0501 (de72d564-6487-4cf3-be3e-0a961cf15d5d) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Cobalt Group (58db02e6-d908-47c2-bc82-ed58ada61331) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software CopyKittens (6a8f5eca-8ecc-4bff-9c5f-5380e044ed5b) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Storm-1811 (ee2da206-2532-44e3-a343-d66e9bfdbca0) Tidal Groups 1