It’s easy to find yourself as a malware researcher looking at some unimaginative samples, which can be good for learning but sometimes you find one that someone actually invested some time into. While ripping this apart I noticed that most of the setup was mimicking a CobaltStrike setup from a redteam blog.