Cobalt Strike Beacon Detected - 34[.]232[.]187[.]165:443 - RedPacket Security
Tags
country: United States Of America
attack-pattern: Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Connection Proxy - T1090 Rundll32 - T1085
Show in Graph
Common Information
Type Value
UUID 9ae0f4ad-4622-4b0e-b989-7f8e4cc0d527
Fingerprint c14b5b665f8cce4d
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 7, 2024, 12:15 p.m.
Added to db Nov. 7, 2024, 1:51 p.m.
Last updated Nov. 17, 2024, 5:46 p.m.
Headline Cobalt Strike Beacon Detected – 34[.]232[.]187[.]165:443
Title Cobalt Strike Beacon Detected - 34[.]232[.]187[.]165:443 - RedPacket Security
Detected Hints/Tags/Attributes 23/2/10
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-34-232-187-165-port-443/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 77 
amazonaws.com
Details Domain 1 
ec2-34-232-187-165.compute-1.amazonaws.com
Details Domain 295 
amazon.com
Details Domain 31 
onedrive.live.com
Details Domain 4 
sfx.ms
Details File 383 
security.txt
Details File 343 
process-inject.exe
Details sha1 1 
aad884dbbb23e6ea11598fa90360404f77e1d199
Details IPv4 1 
34.232.187.165
Details Url 3 
https://p.sfx.ms/sa.html?s=