ET Threatview.io High Confidence Cobalt Strike C2 IP group 14

SID: 2527013Rev: 1621392 views
History
Sourceet/open
CreatedDecember 9, 2021
UpdatedMay 29, 2026
Classificationmisc-attack
alert ip [64.44.102.19,213.227.154.235,84.32.188.121,94.232.41.105,45.159.249.251,64.44.141.124,213.227.154.15,162.244.83.118,23.108.57.108,54.228.20.50,84.32.188.210,139.60.161.55,23.82.140.97,185.173.34.120,185.244.150.226,64.44.98.162,5.199.162.67,84.32.190.20,3.145.10.52,139.60.161.99,45.11.19.66,137.184.30.177,185.170.144.217,206.189.236.243,84.32.188.9,212.8.251.167,3.13.126.118,108.62.118.65,139.60.161.52,23.227.202.198,84.32.188.54,15.235.140.234,146.0.72.97,84.32.188.238,5.199.168.103,108.62.118.133,143.198.27.227,139.60.160.21,139.60.161.227,52.14.55.184,146.70.87.164,137.184.30.177,84.32.188.214,146.0.72.90,139.60.161.165,139.60.161.167,190.123.44.228,162.244.82.15,146.0.72.81,84.32.188.197] any -> $HOME_NET any (msg:"ET Threatview.io High Confidence Cobalt Strike C2 IP group 14"; reference:url,threatview.io/Downloads/High-Confidence-CobaltStrike-C2%20-Feeds.txt; threshold:type limit, track by_src, seconds 3600, count 1; classtype:misc-attack; sid:2527013; rev:1621; metadata:affected_product Any, attack_target Any, deployment Perimeter, tag Threatview_CS, signature_severity Major, created_at 2021_12_09, updated_at 2026_05_29;)

References

urlthreatview.io/Downloads/High-Confidence-CobaltStrike-C2%20-Feeds.txt

Metadata

affected productAny
attack targetAny
deploymentPerimeter
tagThreatview_CS
signature severityMajor
created at2021_12_09
updated at2026_05_29

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!