The DFIR Report
@TheDFIRReport
Real Intrusions by Real Attackers, the Truth Behind the Intrusion.
Services: https://t.co/XW613EKt2w
03-04-2020 01:33:43
1,2K Tweets
52,1K Followers
0 Following
Interesting #CobaltStrike server:
➡️d0fe709e41[.]windows-defender[.]services
➡️Fronted with Cloudflare
➡️Beacon staged/C2 on multiple IPs
➡️Browser UA -> loads the below page
➡️License:987654321
Full list available through our AllIntel service @ thedfirreport.com/services/threa…