The DFIR Report

Interesting #CobaltStrike server:

➡️dash[.]cloudflareo[.]club
➡️➡️45.92.158.220
➡️Trevor profile (#trevorforget)
➡️URI: us/ky/louisville/312-s-fourth-st.html
➡️URI: OrderEntryService.asmx/AddOrderLine
➡️Spawn: gpupdate.exe

Full list available @ http://thedfirreport.com/services
#AllIntel

Services

Threat Intelligence Gain access to a comprehensive suite of threat intelligence, encompassing everything from raw data from our public reports, to specialized threat feeds, to in-depth tracking of …

The DFIR Report
Jan 17, 2023 at 12:59pmWeb