The DFIR Report
@TheDFIRReport
Real Intrusions by Real Attackers, the Truth Behind the Intrusion.
Services: https://t.co/XW613EKt2w
03-04-2020 01:33:43
1,2K Tweets
52,1K Followers
0 Following
Interesting #CobaltStrike server:
➡️d0fe709e41[.]windows-defender[.]services
➡️Fronted with Cloudflare
➡️Beacon staged/C2 on multiple IPs
➡️Browser UA -> loads the below page
➡️License:987654321
Full list available through our AllIntel service @ thedfirreport.com/services/threa…
![Interesting #CobaltStrike server: ➡️d0fe709e41[.]windows-defender[.]services ➡️Fronted with Cloudflare ➡️Beacon staged/C2 on multiple IPs ➡️Browser UA -> loads the below page ➡️License:987654321 Full list available through our AllIntel service @ thedfirreport.com/services/threa…](https://pbs.twimg.com/media/GEKBHuaXsAAmVfe.jpg "The DFIR Report (@TheDFIRReport) on Twitter photo 2024-01-18 21:56:24 Interesting #CobaltStrike server: ➡️d0fe709e41[.]windows-defender[.]services ➡️Fronted with Cloudflare ➡️Beacon staged/C2 on multiple IPs ➡️Browser UA -> loads the below page ➡️License:987654321 Full list available through our AllIntel service @ thedfirreport.com/services/threa…")