Cobalt Strike Beacon Detected - 124[.]71[.]192[.]162:443 - RedPacket Security
Tags
country: China
attack-pattern: Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090 Rundll32 - T1085
Show in Graph
Common Information
Type Value
UUID ae3ddf77-14c6-4d79-a2d7-cf240061299e
Fingerprint 414343601f8cca0d
Analysis status IN_PROGRESS
Considered CTI value 0
Text language
Published Oct. 20, 2024, 12:46 a.m.
Added to db Oct. 20, 2024, 2:44 a.m.
Last updated Nov. 12, 2024, 4:50 p.m.
Headline Cobalt Strike Beacon Detected – 124[.]71[.]192[.]162:443
Title Cobalt Strike Beacon Detected - 124[.]71[.]192[.]162:443 - RedPacket Security
Detected Hints/Tags/Attributes 23/2/8
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-124-71-192-162-port-443/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 16 
hwclouds-dns.com
Details Domain 1 
ecs-124-71-192-162.compute.hwclouds-dns.com
Details Domain 9 
ltd.co
Details Domain 1 
bk1cm59ddrtqb.cfc-execute.bj.baidubce.com
Details File 383 
security.txt
Details File 343 
process-inject.exe
Details sha1 64 
6ece5ece4192683d2d84e25b0ba7e04f9cb7eb7c
Details IPv4 1 
124.71.192.162