ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://www.yase.me/jquery-3.3.1.min.js.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:221666
IOC: http://www.yase.me/jquery-3.3.1.min.js
IOC Type :url
Threat Type :botnet_cc
Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike, cobeacon
Confidence Level : Confidence level is high (100%)
ASN:AS396982 GOOGLE-CLOUD-PLATFORM
Country:- US
First seen:2021-09-14 09:46:16 UTC
Last seen:never
UUID:9ac69b20-1540-11ec-830d-42010aa4000a
Reporter drb_ra
Reward 5 credits from ThreatFox
Tags:CobaltStrike GIGABITBANK-AS-AP Gigabitbank Global

Avatar
drb_ra
Cobalt Strike Server Found
C2: HTTP @ 103[.]234[.]72[.]139:80
C2 Server: www[.]yase[.]me,/jquery-3[.]3[.]1[.]min[.]js
POST URI: /jquery-3[.]3[.]2[.]min[.]js
Certificate: O=CloudFlare, Inc[.], OU=CloudFlare Origin CA, CN=CloudFlare Origin Certificate
Country: Hong Kong
ASN: GIGABITBANK-AS-AP Gigabitbank Global
Host Header: www[.]yase[.]me