Cobalt Strike Beacon Detected - 54[.]238[.]39[.]64:443 - RedPacket Security
Common Information
Type Value
UUID 397a92cc-27f5-47da-87e2-4d54b6d7be11
Fingerprint 414b4b605f8cce4d
Analysis status IN_PROGRESS
Considered CTI value 0
Text language
Published Dec. 23, 2024, 12:03 p.m.
Added to db Dec. 23, 2024, 3:09 p.m.
Last updated Dec. 23, 2024, 3:10 p.m.
Headline Cobalt Strike Beacon Detected – 54[.]238[.]39[.]64:443
Title Cobalt Strike Beacon Detected - 54[.]238[.]39[.]64:443 - RedPacket Security
Detected Hints/Tags/Attributes 23/2/11
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 90
amazonaws.com
Details Domain 1
south-polarisaustralis.com
Details Domain 1
ec2-54-238-39-64.ap-northeast-1.compute.amazonaws.com
Details Domain 1
bravo.south-polarisaustralis.com
Details Domain 334
amazon.com
Details Domain 1
d2rtpgoredf4t3.cloudfront.net
Details Domain 1
dsr4dyvbextic.cloudfront.net
Details File 478
security.txt
Details File 430
process-inject.exe
Details sha1 1
b465150aa7f4fe68d9ccca226d3241c2cf911c42
Details IPv4 1
54.238.39.64