Skip to content

Hide Navigation Hide TOC

Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6)

Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as “adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors”. Cobalt Strike’s interactive post-exploit capabilities cover the full range of ATT&CK tactics, all executed within a single, integrated system.[cobaltstrike manual]

In addition to its own capabilities, Cobalt Strike leverages the capabilities of other well-known tools such as Metasploit and Mimikatz.[cobaltstrike manual]

Cluster A Galaxy A Cluster B Galaxy B Level
LuminousMoth (b10aa4c0-10a1-5e08-8d9d-82ce95d45e6a) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Chimera (ca93af75-0ffa-4df4-b86a-92d4d50e496e) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Cinnamon Tempest (8e059c6b-d278-5454-a234-a8ad69feb66c) Tidal Groups 1
FIN6 (fcaadc12-7c17-4946-a9dc-976ed610854c) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Quantum Ransomware Actors (e75a1b98-be68-467f-a8df-bcb7671543b3) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Water Curupira (4c8288fd-df9f-48b7-911b-19651074561d) Tidal Groups 1
FIN7 (4348c510-50fc-4448-ab8d-c8cededd19ff) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
APT20 (4173c301-0307-458d-89dd-2583e94247ec) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Cobalt Group (58db02e6-d908-47c2-bc82-ed58ada61331) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software TA505 (b3220638-6682-4a4e-ab64-e7dc4202a3f1) Tidal Groups 1
APT19 (713e2963-fbf4-406f-a8cf-6a4489d90439) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
RansomHub Ransomware Actors (94794e7b-8b54-4be8-885a-fd1009425ed5) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
CopyKittens (6a8f5eca-8ecc-4bff-9c5f-5380e044ed5b) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software TA577 (e1e72810-4661-54c7-b05e-859128fb327d) Tidal Groups 1
Cuba Ransomware Actors (5216ac81-da4c-4b87-86ce-b90a651f1048) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
menuPass (fb93231d-2ae4-45da-9dea-4c372a11f322) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Wizard Spider (0b431229-036f-4157-a1da-ff16dfc095f8) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
APT32 (c0fe9859-e8de-4ce1-bc3c-b489e914a145) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Royal Ransomware Actors (86b97a39-49c3-431e-bcc8-f4e13dbfcdf5) Tidal Groups 1
APT37 (013fdfdc-aa32-4779-8f6e-7920615cbf66) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Ghost Ransomware Actors (9dc09b70-b1c0-45d1-94a8-490943c69166) Tidal Groups 1
APT41 (502223ee-8947-42f8-a532-a3b3da12b7d9) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Threat Group-3390 (79be2f31-5626-425e-844c-fd9c99e38fe5) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Gold Dupont (ebf63407-9772-4f38-93ad-48b8c9bb0bcf) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
ToddyCat (0f41da7d-1e47-58fe-ba6e-ee658a985e1b) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Sandworm Team (16a65ee9-cd60-4f04-ba34-f2f45fcfc666) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Mustang Panda (4a4641b1-7686-49da-8d83-00d8013f4b47) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
DarkHydrus (f2b31240-0b4a-4fa4-82a4-6bb00e146e75) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Mustard Tempest (0898e7cb-118e-5eeb-b856-04e56ed18182) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Aquatic Panda (b8a349a6-cde1-4d95-b20f-44c62bbfc786) Tidal Groups 1
UAC-0098 (9d665cc1-8ecc-4064-8221-c74bd6ffd97a) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
DragonForce Ransomware Group (a58f147b-1f02-427d-a375-c4246335cb20) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Earth Lusca (646e35d2-75de-4c1d-8ad3-616d3e155c5e) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Bl00dy Ransomware Gang (393da13e-016c-41a3-9d89-b33173adecbf) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Black Basta Affiliates (7f52cadb-7a12-4b9d-9290-1ef02123fbe4) Tidal Groups 1
Indrik Spider (3c7ad595-1940-40fc-b9ca-3e649c1e5d87) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
BlackByte (94f5c644-d36a-59b0-b7e2-7a1d3413443d) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
BlackCat Ransomware Actors & Affiliates (33159d02-a1ce-49ec-a381-60b069db66f7) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software BlackSuit Ransomware Actors (1d751794-ce94-4936-bf45-4ab86d0e3b6e) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Everest Ransomware Actors (6636ab8d-871f-4353-a1a5-81c8d7cacca4) Tidal Groups 1
Play (60f686d0-ae3d-5662-af32-119217dee2a7) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Storm-0501 (de72d564-6487-4cf3-be3e-0a961cf15d5d) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Vice Society (2e2d3e75-1160-4ba5-80cc-8e7685fcfc44) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
CACTUS Ransomware Actors (fac6fbf1-935f-4106-ad8b-c8fd8389dd38) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Storm-1811 (f17d1768-9563-539a-8d3a-e3e9500658bf) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Leviathan (eadd78e3-3b5d-430a-b994-4360b172c871) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software Storm-1811 (Deprecated) (ee2da206-2532-44e3-a343-d66e9bfdbca0) Tidal Groups 1
Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software LIMINAL PANDA (f9f9358a-f708-4794-af35-784c532427cf) Tidal Groups 1
FIN11 (ecdbd431-d62b-4b30-8663-b1ecb4304ec0) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1
FIN12 (6d6ed42c-760c-4964-a81e-1d4df06a8800) Tidal Groups Cobalt Strike (9b6bcbba-3ab4-4a4c-a233-cd12254823f6) Tidal Software 1