ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://39.99.34.125:8443/lib/v2/wcp-consent.js.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1289965
IOC: https://39.99.34.125:8443/lib/v2/wcp-consent.js
IOC Type :url
Threat Type :botnet_cc
Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike, cobeacon
Confidence Level : Confidence level is high (100%)
ASN:AS701 UUNET
Country:- US
First seen:2024-06-28 08:51:58 UTC
Last seen:never
UUID:ad720a44-352b-11ef-8261-42010aa4000a
Reporter drb_ra
Reward 10 credits from Jerome
Tags:CobaltStrike cs-watermark-666666666 Hangzhou Alibaba Advertising Co.Ltd.

Avatar
drb_ra
Cobalt Strike Server Found
C2: HTTPS @ 39[.]99[.]34[.]125:8443
C2 Server: 39[.]99[.]34[.]125,/lib/v2/wcp-consent[.]js
POST URI: /lib/v2/recaptcha__en[.]js
Country: China
ASN: Hangzhou Alibaba Advertising Co.,Ltd.
Host Header: static[.]microsoft[.]com