ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://boschko.herokuapp.com/jquery-3.3.1.min.js.

Database Entry


IOC ID:221612
IOC: http://boschko.herokuapp.com/jquery-3.3.1.min.js
IOC Type :url
Threat Type :botnet_cc
Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike
Confidence Level : Confidence level is high (100%)
First seen:2021-09-14 08:05:32 UTC
Last seen:never
UUID:88b081f6-1532-11ec-830d-42010aa4000a
Reporter @drb_ra
Reward 5 credits from ThreatFox
Tags:CobaltStrike DIGITALOCEAN-ASN

Twitter
@drb_ra
Cobalt Strike Server Found
C2: HTTP @ 138[.]197[.]135[.]224:80
C2 Server: boschko[.]herokuapp[.]com,/jquery-3[.]3[.]1[.]min[.]js,138[.]197[.]135[.]224,/jquery-3[.]3[.]1[.]min[.]js
POST URI: /jquery-3[.]3[.]2[.]min[.]js
Certificate: C=, ST=, L=, O=, OU=, CN=
Country: Canada
ASN: DIGITALOCEAN-ASN