Cobalt Strike Beacon Detected - 18[.]162[.]96[.]155:443 - RedPacket Security
Tags
country: Hong Kong
attack-pattern: Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Server - T1583.004 Server - T1584.004 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 4d665724-9443-45cd-95df-549d3b6d0f64
Fingerprint 414b4b621f88eecd
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 19, 2024, 12:24 a.m.
Added to db Sept. 19, 2024, 1:26 a.m.
Last updated Nov. 17, 2024, 5:46 p.m.
Headline Cobalt Strike Beacon Detected – 18[.]162[.]96[.]155:443
Title Cobalt Strike Beacon Detected - 18[.]162[.]96[.]155:443 - RedPacket Security
Detected Hints/Tags/Attributes 24/2/11
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-18-162-96-155-port-443/
Details Source https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-18-162-96-155-port-4443/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 77 
amazonaws.com
Details Domain 2 
mfmni.shop
Details Domain 1 
ec2-18-162-96-155.ap-east-1.compute.amazonaws.com
Details Domain 295 
amazon.com
Details Domain 2 
www.mfmni.shop
Details Domain 1 
3se9ewodke339f0e83.connectivitytests.com
Details File 383 
security.txt
Details File 343 
process-inject.exe
Details sha1 2 
8e919e8dfcf8c29d095dfa7b685fa085f5dd0b38
Details IPv4 1 
18.162.96.155
Details Url 2 
http://www.mfmni.shop