ThreatFox IOC Database
You are viewing the ThreatFox database entry for domain csxv.sec.cm.
Database Entry
| IOC ID: | 1155921 |
|---|---|
| IOC: | csxv.sec.cm |
| IOC Type : | domain |
| Threat Type : | botnet_cc |
| Malware: | Cobalt Strike |
| Malware alias: | Agentemis, BEACON, CobaltStrike, cobeacon |
| Confidence Level : | Confidence level is high (100%) |
| Is compromised? : | False |
| ASN: | AS57523 changway-as |
| Country: |  HK |
| First seen: | 2023-09-09 20:06:55 UTC |
| Last seen: | 2026-06-10 18:00:51 UTC |
| UUID: | 6c97abfb-4f4c-11ee-9416-42010aa4000a |
| Reporter |  drb_ra |
| Reward | 5 credits from ThreatFox |
| Tags: | CHANGWAY-AS CobaltStrike cs-watermark-987654321 |
drb_ra
Cobalt Strike Server FoundC2: HTTP @ 185[.]81[.]68[.]90:8080
C2 Server: csxv[.]sec[.]cm,/image/
POST URI: /email/
Country: Russia
ASN: CHANGWAY-AS
Host Header: cdnoss[.]sec[.]cm