RST Threat feed. IOC: 23.101.204.40

2021-04-27T00:00:00
ID RST:0D802C08-7110-31D3-8B1F-0BF8BA0134D3
Type rst
Reporter RST Threat Feed
Modified 2021-04-25T00:00:00

Description

Found 23[.]101.204.40 in RST Threat Feed with score 10. First seen: 2021-04-25T03:00:00, Last seen: 2021-04-25T03:00:00. IOC tags: malware. We found that the IOC is used by: cobalt_strike. ASN 8075: (First IP 23.96.0.0, Last IP 23.102.255.255). ASN Name "MICROSOFTCORPMSNASBLOCK" and Organisation "Microsoft Corporation". This IP is a part of "azure" address pools. ASN hosts 1711443 domains. GEO IP information: City "San Jose", Country "United States". IOC could be a False Positive (Cloud provider IP). https://rstcloud.net/