ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://123.56.83.204:5050/__utm.gif.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1131740
IOC: http://123.56.83.204:5050/__utm.gif
IOC Type :url
Threat Type :botnet_cc
Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike, cobeacon
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS37963 ALIBABA-CN-NET
Country:- CN
First seen:2023-06-19 13:54:11 UTC
Last seen:never
UUID:c4af1af7-0ea8-11ee-b1e6-42010aa4000a
Reporter drb_ra
Reward 10 credits from
Tags:ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd. CobaltStrike cs-watermark-426352781

Avatar
drb_ra
Cobalt Strike Server Found
C2: HTTP @ 123[.]56[.]83[.]204:5050
C2 Server: 123[.]56[.]83[.]204,/__utm[.]gif
POST URI: /submit[.]php
Country: China
ASN: ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd.