This is a Cobalt Strike (CS) Beacon Object File (BOF) which exploits the CMSTPLUA COM interface. It masquerade the PEB of the current process to a Windows process, and then utilises COM Elevation ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results