TF-1815778
high
Threat Title
Cobalt Strike: ip:port combination that is used for botnet Command&control (C&C) 185.193.153.57:443
Description
Indicator that identifies a botnet command&control server (C&C). IOC type: ip:port combination that is used for botnet Command&control (C&C). Attributed malware: Cobalt Strike (aliases: Agentemis,BEACON,CobaltStrike,cobeacon). Confidence: 100. Observed port: 443. First seen: 2026-05-18 07:33:45 UTC. Reporter: anonymous. Tags: apt41-barium, Cobalt-Strike, erebus-wraith.
Remediations (5)
- web:download.cobaltstrike.com
- web:www.akamai.com
- web:www.elastic.co
- web:www.giantbomb.com
  Counter-Terrorists in Counter-Strike 1.6 and Counter-Strike: Source are the opposing force of terrorists, counter-terrorists goals are to eliminate the terrorists and/or defuse a bomb (C4) which is planted in one of two bombsites, named Site A and Site B, maps which contain the bomb plant/defuse scenario are named accordingly, beginning with ...
- web:www.moddb.com
  Games and mods development for Windows, Linux and Mac - ModDB
Indicators of Compromise (1)
Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal.
ipv4
185.193.153.57
VT: VT base fetch failed: HTTPError: 429 Client Error: Too Many Requests for url: https://www.virustotal.com/api/v3/ip_addresses/185.193.153.57
IOC database
- Type: ipv4
- Value: 185.193.153.57
- First seen:
- Last seen:
- Attached to this threat
- Appears in: 1 threat
- Description: ip:port combination that is used for botnet Command&control (C&C) attributed to Cobalt Strike
Threat Hunt — feed corroboration
Not present in any configured threat-intel feed.
Details From VirusTotal
VirusTotal: VT base fetch failed: HTTPError: 429 Client Error: Too Many Requests for url: https://www.virustotal.com/api/v3/ip_addresses/185.193.153.57
References (2)
- Malpedia profile (Threatfox IOCs/Threats)
- ThreatFox IOC page (Threatfox IOCs/Threats)