CobaltStrike Stager Utilizing Floating Point Math
released on 2021-04-29 @ 07:57:04 PM
New CobaltStrike stagers use floating-point mnemonics to decode the stager shellcode. They also use raw sockets and the date value from Google headers to check for overwritten sleep values, such as those seen in some sandbox detonations.