C2
Key: 36.140.162.173 · Resolved IP: 36.140.162.173
Protocols: https, http · Ports: 4433, 8088
First view: 2025-12-26 00:05:41 CET · Last view: 2026-01-16 16:11:11 CET
Endpoints
| ID |
Protocole |
Port |
First view |
Last view |
SubmitURIs |
Paths |
URLs |
Seen in |
| http:8088 |
http |
8088 |
2025-12-26 00:05:54 CET |
2026-01-16 16:11:11 CET |
/submit.php |
/load, /__utm.gif |
3
Sample
- http://36.140.162.173:8088/load/submit.php
- http://36.140.162.173:8088/submit.php
- http://36.140.162.173:8088/__utm.gif/submit.php
|
2
hashes
|
| https:4433 |
https |
4433 |
2025-12-26 00:05:41 CET |
2026-01-16 16:11:08 CET |
/submit.php |
/cx, /ga.js |
3
Sample
- https://36.140.162.173:4433/cx/submit.php
- https://36.140.162.173:4433/submit.php
- https://36.140.162.173:4433/ga.js/submit.php
|
2
hashes
|
{
"Endpoints": {
"http:8088": {
"Firsttime": 1766703954.750674,
"lasttime": 1768576271.7551794,
"paths": [
"/load",
"/__utm.gif"
],
"port": "8088",
"protocol": "http",
"seen_in": [
{
"arch": "x64",
"beacon_ip": "36.140.162.173",
"beacon_port": "8088",
"config_hash": "c98d220f9db6ec6894a58b82ad4be63df47d078e1c107a487cd7f90f10a932d2",
"trial": false,
"ts": 1768576271.7551794,
"version": "Unknown",
"watermark": 1234567890
},
{
"arch": "x86",
"beacon_ip": "36.140.162.173",
"beacon_port": "8088",
"config_hash": "82bad177eb45957ec3f82a4401186fa8bdb1ca9064087d6cae1f0042c620c177",
"trial": false,
"ts": 1768576270.1862993,
"version": "Cobalt Strike 4.4 (Aug 04, 2021)",
"watermark": 1234567890
}
],
"submituris": [
"/submit.php"
],
"urls": [
"http://36.140.162.173:8088/load/submit.php",
"http://36.140.162.173:8088/submit.php",
"http://36.140.162.173:8088/__utm.gif/submit.php"
]
},
"https:4433": {
"Firsttime": 1766703941.4761033,
"lasttime": 1768576268.7085927,
"paths": [
"/cx",
"/ga.js"
],
"port": "4433",
"protocol": "https",
"seen_in": [
{
"arch": "x64",
"beacon_ip": "36.140.162.173",
"beacon_port": "4433",
"config_hash": "96b5223ac8ea9a2859a69bd8d78ea72549c59acc83150b42e4255139f79e55aa",
"trial": false,
"ts": 1768576268.7085927,
"version": "Unknown",
"watermark": 1234567890
},
{
"arch": "x86",
"beacon_ip": "36.140.162.173",
"beacon_port": "4433",
"config_hash": "5a53fb3450755690be3a18f708f090248ff7afdd72269da593cdeeda933b8f6e",
"trial": false,
"ts": 1768576266.8794801,
"version": "Cobalt Strike 4.4 (Aug 04, 2021)",
"watermark": 1234567890
}
],
"submituris": [
"/submit.php"
],
"urls": [
"https://36.140.162.173:4433/cx/submit.php",
"https://36.140.162.173:4433/submit.php",
"https://36.140.162.173:4433/ga.js/submit.php"
]
}
},
"Firsttime": 1766703941.4761033,
"Host": "36.140.162.173",
"IP": "36.140.162.173",
"IPs": [
"36.140.162.173"
],
"Paths": [
"/cx",
"/ga.js",
"/load",
"/__utm.gif"
],
"Ports": [
"4433",
"8088"
],
"Protocols": [
"https",
"http"
],
"SubmitURIs": [
"/submit.php"
],
"URLs": [
"https://36.140.162.173:4433/cx/submit.php",
"https://36.140.162.173:4433/submit.php",
"https://36.140.162.173:4433/ga.js/submit.php",
"http://36.140.162.173:8088/load/submit.php",
"http://36.140.162.173:8088/submit.php",
"http://36.140.162.173:8088/__utm.gif/submit.php"
],
"ip_enrichment": {
"36.140.162.173": {
"ASN": {
"number": 9808,
"org": "CHINAMOBILE-CN China Mobile Communications Group Co., Ltd."
},
"GEO": {
"country": "CN",
"country_name": "China",
"lat": 35.0,
"lon": 105.0
},
"first": 1766703941.4761033,
"last": 1767452946.122706,
"meta": {
"build_db": "2025-10-14 12:06:54",
"db_source": "GeoOpen-Country-ASN"
},
"source": "ip.circl.lu",
"updated": 1767456638.6585038
}
},
"lasttime": 1768576271.7551794
}