ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain ekostroy33.ru.

Database Entry


IOC ID: 1144026
IOC: ekostroy33.ru
IOC Type: domain
Threat Type: botnet_cc
Malware: Cobalt Strike
Malware alias: Agentemis, BEACON, CobaltStrike, cobeacon
Confidence Level: Confidence level is high (100%)
Is compromised?: False
ASN: AS48720 GOOGLE-CLOUD-PLATFORM
Country: US
First seen: 2023-07-31 11:01:39 UTC
Last seen: 2026-06-10 19:45:28 UTC
UUID: a017f1d7-2f91-11ee-98a3-42010aa4000a
Reporter: drb_ra
Reward: 5 credits from ThreatFox
Tags: AS-SUISSE, CobaltStrike, cs-watermark-0

drb_ra
Cobalt Strike Server Found
C2: HTTPS @ 194[.]169[.]175[.]143:443
C2 Server: gk-stst[.]ru,/Stop/affiliate/A3GFX8A5,ekostroy33[.]ru,/Stop/affiliate/A3GFX8A5,cargo-novorossiysk[.]ru,/Stop/affiliate/A3GFX8A5
POST URI: /communicate/object/8MC9ZOC8XNPD
Country: Netherlands
ASN: AS-SUISSE