**OTX Pulse: Cobalt Strike Infrastructure Detection**
Recent analysis has identified 50 indicators associated with Cobalt Strike infrastructure, including IPs, URLs, and hashes linked to various malware frameworks such as FAKEUPDATES, Lumma Stealer, and Mirai. The detection aligns with MITRE ATT&CK techniques T1203 (Exploitation for Client Execution) and T1071 (Application Layer Protocol), indicating active exploitation attempts. The average BDE (Big Data analytics Energy) Score for these indicators is 85, with the detection timestamp recorded.
**BDE Score: 85**
**Detection Timestamp: [Insert Timestamp Here]**
Indicators of Compromise (17)