ioc[.]one - OSINT Cyber Threat Intelligence Database

DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework

Tags

cmtmf-attack-pattern:	Code Injection
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Code Injection - T1540 Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Ntds - T1003.003 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerability Scanning - T1595.002

Show in Graph

Common Information

Type	Value
UUID	f1651f63-e045-4389-8002-e14c359ae5f1
Fingerprint	ae33885109919883
Analysis status	DONE
Considered CTI value	0
Text language
Published	Nov. 8, 2022, midnight
Added to db	Oct. 15, 2024, 4:10 p.m.
Last updated	Nov. 6, 2024, 11:05 a.m.
Headline	DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework
Title	DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework
Detected Hints/Tags/Attributes	79/3/45

Source URLs

	Redirection	Url
Details	Source	https://www.trendmicro.com/en_sg/research/22/k/deimosc2-what-soc-analysts-and-incident-responders-need-to-know.html
Details	Source	https://www.trendmicro.com/en_my/research/22/k/deimosc2-what-soc-analysts-and-incident-responders-need-to-know.html
Details	Source	https://www.trendmicro.com/en_au/research/22/k/deimosc2-what-soc-analysts-and-incident-responders-need-to-know.html
Details	Source	https://www.trendmicro.com/en_in/research/22/k/deimosc2-what-soc-analysts-and-incident-responders-need-to-know.html

URL Provider

Details	Provider	Source level domain
Details	trendmicro.com	www.trendmicro.com

Attributes

Details	Type	#Events	Value
Details	Domain	6	dns.google.com
Details	Domain	24	dns.google
Details	IPv4	2	3.133.59.113
Details	IPv4	2	3.17.189.71
Details	IPv4	3	5.101.4.196
Details	IPv4	4	5.101.5.196
Details	IPv4	2	13.211.163.117
Details	IPv4	2	35.193.194.65
Details	IPv4	2	35.238.243.202
Details	IPv4	2	39.101.198.2
Details	IPv4	2	45.12.32.61
Details	IPv4	2	45.32.29.78
Details	IPv4	2	45.76.148.163
Details	IPv4	2	47.241.40.139
Details	IPv4	2	49.233.238.185
Details	IPv4	2	50.17.89.130
Details	IPv4	2	51.161.75.139
Details	IPv4	2	51.222.169.4
Details	IPv4	2	54.205.246.190
Details	IPv4	2	69.197.131.198
Details	IPv4	2	80.211.130.78
Details	IPv4	2	84.246.85.157
Details	IPv4	2	95.179.228.18
Details	IPv4	2	104.131.12.204
Details	IPv4	2	106.13.236.30
Details	IPv4	3	108.61.186.55
Details	IPv4	2	117.50.31.161
Details	IPv4	2	120.92.9.225
Details	IPv4	2	124.156.148.70
Details	IPv4	2	145.239.41.145
Details	IPv4	2	152.32.212.101
Details	IPv4	2	154.221.28.248
Details	IPv4	2	157.230.93.100
Details	IPv4	2	162.219.33.194
Details	IPv4	2	162.219.33.195
Details	IPv4	2	162.219.33.196
Details	IPv4	2	172.104.163.114
Details	IPv4	2	172.105.107.243
Details	IPv4	2	182.92.189.18
Details	IPv4	4	185.173.36.219
Details	IPv4	2	185.232.30.2
Details	IPv4	2	185.232.31.2
Details	IPv4	2	203.41.204.180
Details	IPv4	2	206.189.196.189
Details	IPv4	2	218.253.251.120