John F · @Abjuri5t
7 followers · 3 posts · Server infosec.exchangeCluster of #C2 servers hosted by #PartnerLLC on 77.73.133[.]0/24 ☢️
Includes:
- #Lilith bot 🤖
- #RaccoonStealer 🕵️♂️
- #CobaltStrike - especially active at 77.73.133[.]20, 77.73.133[.]93, 77.73.133[.]120
- #RedLineStealer 🕵️
I’m working to rebuild my automated C2 tracking over on https://abjuri5t.github.io/SarlackLab/. Figured I’d start sharing some of the data I have gathered with the community.
As per @pixelnull‘s suggestion, I’m tagging this with #IOC for threat intel visibility
#c2 #partnerllc #lilith #raccoonstealer #cobaltstrike #RedLineStealer #ioc
John F · @Abjuri5t
57 followers · 11 posts · Server infosec.exchangeCluster of #C2 servers hosted by #PartnerLLC on 77.73.133[.]0/24 ☢️
Includes:
- #Lilith bot 🤖
- #RaccoonStealer 🕵️♂️
- #CobaltStrike - especially active at 77.73.133[.]20, 77.73.133[.]93, 77.73.133[.]120
- #RedLineStealer 🕵️
I’m working to rebuild my automated C2 tracking over on https://abjuri5t.github.io/SarlackLab/. Figured I’d start sharing some of the data I have gathered with the community.
As per @pixelnull‘s suggestion, I’m tagging this with #IOC for threat intel visibility
#c2 #partnerllc #lilith #raccoonstealer #cobaltstrike #RedLineStealer #ioc