ET Threatview.io High Confidence Cobalt Strike C2 IP group 12
Sourceet/open
CreatedDecember 9, 2021
UpdatedDecember 1, 2025
Classificationmisc-attack
alert ip [84.32.188.234,84.32.188.234,84.32.188.234,84.32.188.234,84.32.188.234,84.32.188.234,84.32.188.234,84.32.188.234,84.32.188.234,139.60.161.213,139.60.161.213,84.32.188.234,84.32.188.238,23.29.115.190,54.169.204.154,146.70.116.20,149.255.35.160,185.244.212.126,68.233.238.123,104.156.59.221,23.29.115.140,194.165.16.53,45.66.248.203,45.147.229.157,64.44.102.19,213.227.154.235,84.32.188.121,94.232.41.105,45.159.249.251,64.44.141.124,213.227.154.15,162.244.83.118,23.108.57.108,54.228.20.50,84.32.188.210,139.60.161.55,23.82.140.97,185.173.34.120,185.244.150.226,64.44.98.162,5.199.162.67,84.32.190.20,3.145.10.52,139.60.161.99,45.11.19.66,137.184.30.177,185.170.144.217,206.189.236.243,84.32.188.9,212.8.251.167] any -> $HOME_NET any (msg:"ET Threatview.io High Confidence Cobalt Strike C2 IP group 12"; reference:url,threatview.io/Downloads/High-Confidence-CobaltStrike-C2%20-Feeds.txt; threshold:type limit, track by_src, seconds 3600, count 1; classtype:misc-attack; sid:2527011; rev:1445; metadata:affected_product Any, attack_target Any, deployment Perimeter, tag Threatview_CS, signature_severity Major, created_at 2021_12_09, updated_at 2025_12_01;)
Metadata
affected productAny
attack targetAny
deploymentPerimeter
tagThreatview_CS
signature severityMajor
created at2021_12_09
updated at2025_12_01
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!