ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 47.242.4.97:443.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1646353
IOC: 47.242.4.97:443
IOC Type :ip:port
Threat Type :botnet_cc
Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike, cobeacon
Confidence Level : Confidence level is high (100%)
ASN:AS45102 ALIBABA-CN-NET
Country:- CN
First seen:2025-11-18 23:00:13 UTC
Last seen:2025-12-09 18:56:51 UTC
UUID:577db2e7-c4d2-11f0-ad21-42010aa4000a
Reporter dyingbreeds_
Reward 10 credits from anonymous
Tags:AS45102 c2 censys
Reference: https://search.censys.io/hosts/47.242.4.97

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-12-07 11:10:09 5917b119c45deae6ebba17f74bdee293079a191cfcffc5be2fb4c856a55e0498
2025-12-06 23:05:08 5fc803d3a97caa8c482a4e69cdc513e72a2c8c8eac47329c481b1da792deab46
2025-12-06 23:05:05 9e0833cb67e666b9f3ee513c162d99287ea61fda8efb10b35ea659cc58c4998d
2025-12-06 23:00:11 b8da01345eaa92f4823e5c6097ec592e4e4666380ec4108a350bff0e6cd7d344
2025-12-06 23:00:08 bcc7edf9b378c1d5d8cabfe784a1190f1b05b15196e7d578889718b6b9af1de7