{"Endpoints":{"http:62000":{"Firsttime":1767193705.5471349,"lasttime":1767654698.0485575,"paths":["/MicrosoftUpdate/ShellEx/KB242742/default.aspx"],"port":"62000","protocol":"http","seen_in":[{"arch":"x86","beacon_ip":"150.158.121.15","beacon_port":"62000","config_hash":"32f95e5705c06d20f2fe6885b09a1d85ec72b514683ee2bd19a687c5b017cdd3","trial":false,"ts":1767654696.5676787,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"150.158.121.15","beacon_port":"62000","config_hash":"1726d72b8b608e8f3f81ee42d059b692ccbb711dce4d0b9724a284c5b5eacd4e","trial":false,"ts":1767654698.0485575,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/MicrosoftUpdate/GetUpdate/KB"],"urls":["http://150.158.121.15:62000/MicrosoftUpdate/GetUpdate/KB","http://150.158.121.15:62000/MicrosoftUpdate/ShellEx/KB242742/default.aspx/MicrosoftUpdate/GetUpdate/KB"]},"https:8000":{"Firsttime":1767389278.694343,"lasttime":1767654703.3651133,"paths":["/MicrosoftUpdate/ShellEx/KB242742/default.aspx"],"port":"8000","protocol":"https","seen_in":[{"arch":"x86","beacon_ip":"150.158.121.15","beacon_port":"8000","config_hash":"38a0005803fe05bd41cda752fcfe85b8004a06357dc92380469989291f072a8a","trial":false,"ts":1767654699.493554,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"150.158.121.15","beacon_port":"8000","config_hash":"f93fc04c708f6fe9d5541920dd052b5574f4f0573cf37587b489bb5d167dbf59","trial":false,"ts":1767654703.3651133,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/MicrosoftUpdate/GetUpdate/KB"],"urls":["https://150.158.121.15:8000/MicrosoftUpdate/GetUpdate/KB","https://150.158.121.15:8000/MicrosoftUpdate/ShellEx/KB242742/default.aspx/MicrosoftUpdate/GetUpdate/KB"]}},"Firsttime":1767193705.5471349,"Host":"150.158.121.15","IP":"150.158.121.15","IPs":["150.158.121.15"],"Paths":["/MicrosoftUpdate/ShellEx/KB242742/default.aspx"],"Ports":["62000","8000"],"Protocols":["http","https"],"SubmitURIs":["/MicrosoftUpdate/GetUpdate/KB"],"URLs":["http://150.158.121.15:62000/MicrosoftUpdate/GetUpdate/KB","http://150.158.121.15:62000/MicrosoftUpdate/ShellEx/KB242742/default.aspx/MicrosoftUpdate/GetUpdate/KB","https://150.158.121.15:8000/MicrosoftUpdate/GetUpdate/KB","https://150.158.121.15:8000/MicrosoftUpdate/ShellEx/KB242742/default.aspx/MicrosoftUpdate/GetUpdate/KB"],"ip_enrichment":{"150.158.121.15":{"ASN":{"number":45090,"org":"TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited"},"GEO":{"country":"CN","country_name":"China","lat":35.0,"lon":105.0},"first":1767193705.5471349,"last":1767395263.758624,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1767456638.6592517}},"lasttime":1767654703.3651133}