ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://hi.welcomebackmysillyson.win:2053/getimage.

Database Entry


IOC ID:850886
IOC: https://hi.welcomebackmysillyson.win:2053/getimage
IOC Type :url
Threat Type :botnet_cc
Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike, cobeacon
Confidence Level : Confidence level is high (100%)
First seen:2022-09-21 11:26:59 UTC
Last seen:never
UUID:4e7a0a28-39a0-11ed-ae73-42010aa4000a
Reporter @drb_ra
Reward 5 credits from ThreatFox
Tags:CobaltStrike

Twitter
@drb_ra
Cobalt Strike Server Found
C2: HTTPS @ 58[.]87[.]84[.]253:2053
C2 Server: hi[.]welcomebackmysillyson[.]win,/getimage
POST URI: /getid
Country: China
ASN: TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited
Host Header: hi[.]welcomebackmysillyson[.]win