Cobalt Strike Beacon Detected - 118[.]25[.]91[.]151:80 - RedPacket Security
Tags
country: China
attack-pattern: Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Server - T1583.004 Server - T1584.004 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 261cb9c4-4cc0-456d-a5f2-a60afa46673c
Fingerprint 416b53445f84ce85
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 21, 2024, 12:02 p.m.
Added to db Dec. 21, 2024, 3:57 p.m.
Last updated Dec. 21, 2024, 3:58 p.m.
Headline Cobalt Strike Beacon Detected – 118[.]25[.]91[.]151:80
Title Cobalt Strike Beacon Detected - 118[.]25[.]91[.]151:80 - RedPacket Security
Detected Hints/Tags/Attributes 21/2/8
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-118-25-91-151-port-80/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Url 3 
https://edr.sangfor.com.cn
Details Domain 9 
edr.sangfor.com.cn
Details File 469 
security.txt
Details File 422 
process-inject.exe
Details File 577 
ntdll.dll
Details File 814 
kernel32.dll
Details IPv4 1 
118.25.91.151
Details IPv4 1 
42.194.242.147