NetDefend IPS
IPS Advisories
NetDefend
Anti-Virus
Anti-Virus Advisories
NetDefend Web Content Filtering
NetDefend IP Reputation
NetDefend Update Center
IPS History
Jul 11, 2024
Anti-Virus History
Feb 12, 2022
Jan 06, 2022
Oct 23, 2021
Aug 29, 2021
Aug 23, 2021







Home > NetDefend Live > NetDefend IPS Service
NetDefend IPS Service
Print
Advisory ID
48614
Name
MALWARE.SSLOAD.INFECTION.LEADS.TO.COBALT.STRIKE.B
IPS Signature
Advanced IPS Signature
IPS Group
IPS / MALWARE / GENERAL
Issued
May 30, 2024
Description
A malicious Word document with enabled macros drops and runs the SSLoad DLL, which is scheduled to restart every 10 minutes. The SSLoad DLL retrieves a Cobalt Strike DLL, but it doesn't execute. The Cobalt Strike DLL generates C2 traffic to a non-responsive server, indicating a failed infection attempt.
Enter your details in the box below to receive an email each time we post a new issue of our newsletter.







Jul 25, 2024