ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

1'085

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'641'119

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-03-16 04:06	channelash.ratflat.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 04:01	168.245.203.49:3790	Meterpreter	AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter	DonPasci
2026-03-16 04:00	storybroad.ratflat.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 04:00	46.224.212.43:7443	Unknown malware	AS24940 c2 censys HETZNER-AS Mythic	DonPasci
2026-03-16 04:00	172.111.233.102:5900	AsyncRAT	AS9009 asyncrat c2 censys M247 RAT	DonPasci
2026-03-16 04:00	107.172.13.197:3000	Remcos	AS-COLOCROSSING AS36352 c2 censys RAT remcos	DonPasci
2026-03-16 04:00	143.92.56.46:18926	Ghost RAT	AS152194 c2 censys CTGSERVERLIMITED-AS-AP Gh0st RAT	DonPasci
2026-03-16 03:55	lte05ohe.ratflat.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:49	j9-main-point.ferroviva.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:43	h1-sync-data.ferroviva.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:38	p7-gate-proxy.ferroviva.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:32	s3-web-infra.ferroviva.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:27	r5-link-sat.secretovalle.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:21	q1-core-rock.secretovalle.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:18	osvetlenie.net	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-16 03:16	b9-base-steel.secretovalle.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:10	n4-orbit-moon.secretovalle.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:10	34.31.248.33:6932	AsyncRAT	asyncrat RAT	abuse_ch
2026-03-16 03:06	ostseefrische.de	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-16 03:04	x0-space-open.altasphera.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 03:01	connect.xdmserverconnect.website	XWorm	XWorm	dyingbreeds_
2026-03-16 03:00	xjt4wnlhmi.localto.net	Quasar RAT	quasar	dyingbreeds_
2026-03-16 03:00	www.trankuneca.com	Remcos	remcos	dyingbreeds_
2026-03-16 02:59	z7-field-vast.altasphera.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:53	w1-zone-area.altasphera.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:48	k9-rim-outer.altasphera.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:42	m8-sync-vision.puroflusso.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:36	a4-scan-point.puroflusso.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:31	e6-bridge-light.puroflusso.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:25	v0-room-dark.puroflusso.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:22	osiconnect.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-16 02:20	i1-vision-sync.duronodo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 02:04	u3-ghost-node.duronodo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:58	t5-shell-core.duronodo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:53	y2-trace-alpha.duronodo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:47	l9-auth-user.velocicorsa.in.net	ClearFake	ClearFake	Anonymous
2026-03-16 01:41	g7-db-point.velocicorsa.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:36	f4-base-infra.velocicorsa.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:30	d8-net-global.velocicorsa.in.net	ClearFake	ClearFake	Anonymous
2026-03-16 01:25	j1-flow-work.ombragrigia.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:19	h3-hub-local.ombragrigia.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:14	p0-link-power.ombragrigia.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:08	s9-sys-monitor.ombragrigia.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 01:03	r2-gate-entry.terralibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:56	q4-dev-host.terralibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:55	orleans.gtwa.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-16 00:51	n8-api-remote.terralibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:45	b1-cloud-store.terralibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:40	c2-core-sync.focozero.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:34	x5-web-proxy.focozero.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:29	z3-app-data.focozero.in.net	ClearFake	ClearFake	Anonymous
2026-03-16 00:23	v7-srv-gate.focozero.in.net	ClearFake	ClearFake	Anonymous
2026-03-16 00:18	originaleins.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-16 00:18	m1-infra-static.ventonovo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:12	w9-dist-meta.ventonovo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:06	k4-sync-auth.ventonovo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:01	85.121.4.146:80	Meterpreter	ALEXHOST AS200019 c2 censys hacktool MetaSploit Meterpreter	DonPasci
2026-03-16 00:01	13.233.167.235:5742	Meterpreter	AMAZON-02 AS16509 c2 censys hacktool MetaSploit Meterpreter	DonPasci
2026-03-16 00:01	87.120.191.29:4321	AdaptixC2	AdaptixC2 AS215925 c2 censys VPSVAULTHOST	DonPasci
2026-03-16 00:01	101.108.70.116:7443	NetSupportManager RAT	AS23969 c2 censys NetSupport RAT TOT-NET	DonPasci
2026-03-16 00:01	187.156.110.215:443	NetSupportManager RAT	AS8151 c2 censys NetSupport RAT UNINET	DonPasci
2026-03-16 00:01	t0-node-edge.ventonovo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-16 00:01	137.184.38.192:11188	AsyncRAT	AS14061 asyncrat c2 censys DIGITALOCEAN-ASN RAT	DonPasci
2026-03-16 00:00	172.111.233.102:4444	AsyncRAT	AS9009 asyncrat c2 censys M247 RAT	DonPasci
2026-03-16 00:00	178.16.52.51:4443	AsyncRAT	AS202412 asyncrat c2 censys OMEGATECH-AS RAT	DonPasci
2026-03-16 00:00	99.136.117.237:8808	AsyncRAT	AS7018 asyncrat ATT-INTERNET4 c2 censys RAT	DonPasci
2026-03-16 00:00	38.54.40.38:8888	Unknown malware	AS138915 c2 censys KAOPU-HK Supershell	DonPasci
2026-03-16 00:00	103.236.61.143:2404	Remcos	AS4816 c2 censys CHINANET-IDC-GD RAT remcos	DonPasci
2026-03-16 00:00	194.59.30.52:2404	Remcos	AS399486 c2 censys RAT remcos VIRTUO	DonPasci
2026-03-15 23:55	main-v9-point.metalloarea.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:50	sync-z2-data.metalloarea.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:44	gate-x11-proxy.metalloarea.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:38	web-v8-infra.metalloarea.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:33	link-z0-sat.grandeserveur.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 23:32	otebasecurities.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 23:29	orgeon.filipeflores.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 23:27	https://voidstealer.net	Unknown malware	VoidStealer - Web Panel	HuntYethHounds
2026-03-15 23:27	core-x2-rock.grandeserveur.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:27	voidstealer.net	Unknown malware	VoidStealer - Web Panel	HuntYethHounds
2026-03-15 23:26	https://ins0mnia.ru	Unknown malware	Insomnia - Web Panel	HuntYethHounds
2026-03-15 23:25	ins0mnia.ru	Unknown malware	Insomnia - Web Panel	HuntYethHounds
2026-03-15 23:24	https://ghumbuy.com	Unknown malware	Evelyn Stealer - Web Panel	HuntYethHounds
2026-03-15 23:23	ghumbuy.com	Unknown malware	Evelyn Stealer - Web Panel	HuntYethHounds
2026-03-15 23:23	organizinglady.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 23:21	base-v55-steel.grandeserveur.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:16	orbit-z1-moon.grandeserveur.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:10	space-x9-open.silberstromz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:06	oreiades.gr	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 23:04	field-z4-vast.silberstromz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 23:01	grannyboosted-33522.portmap.host	XWorm	XWorm	dyingbreeds_
2026-03-15 23:01	ycqsf-93-171-240-170.a.free.pinggy.link	XWorm	XWorm	dyingbreeds_
2026-03-15 23:01	212.227.93.216:1000	XWorm	XWorm	dyingbreeds_
2026-03-15 23:00	fjASijfn2niuncusibun-38290.portmap.host	Quasar RAT	quasar	dyingbreeds_
2026-03-15 23:00	softwareupdatexkwre.duckdns.org	Remcos	remcos	dyingbreeds_
2026-03-15 23:00	taixinmnt.com	Remcos	remcos	dyingbreeds_
2026-03-15 22:59	zone-v11-area.silberstromz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:56	orders.integritytitlesolutions.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 22:53	rim-x7-outer.silberstromz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:52	orchidee.ws	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 22:48	sync-v0-vision.altosistema.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 22:42	scan-z2-point.altosistema.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:36	bridge-x4-light.altosistema.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 22:35	orbitfoods.de	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 22:32	oranienbaum.club	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 22:31	room-v51-dark.altosistema.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:27	https://go.fileupload.vip/capcut	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 22:26	https://go.fileupload.vip/spotify	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 22:25	vision-z7-sync.froidenodal.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:22	https://go.fileupload.vip/NRhu6?fM=3	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 22:20	https://go.fileupload.vip/M3Vmu?HH=a	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 22:20	ghost-v3-node.froidenodal.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:19	https://go.fileupload.vip/1.png	Unknown malware	ClickFix payload zip	HuntYethHounds
2026-03-15 22:19	go.fileupload.vip	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 22:14	shell-x01-core.froidenodal.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:12	oraclediagnostic.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 22:09	trace-z9-alpha.froidenodal.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 22:03	auth-v1-user.mondosicuro.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:57	db-z12-point.mondosicuro.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:52	base-x7-infra.mondosicuro.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 21:49	https://ofaskfaksfmtjmka.com/otoaskjsk.js	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 21:46	net-v33-global.mondosicuro.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:45	94.26.90.23:80	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 21:42	https://amlfoods.co.uk/wp-blog-footer.php?page=	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 21:42	https://amlfoods.co.uk/wp-blog-footer.php	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 21:41	https://mvjfkakfkfkaiai.com/dasgggg.js	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 21:40	flow-x5-work.starkewahl.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:39	njnconstrucciones.com.ar	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 21:35	hub-z0-local.starkewahl.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:29	point-v91-power.starkewahl.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:24	sys-x2-monitor.starkewahl.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:18	link-v7-entry.petittravail.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:18	opportunitycampmemphis.amydalephotography.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 21:12	dev-x44-host.petittravail.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:11	opow39.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 21:07	api-z1-remote.petittravail.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 21:02	cloud-v10-store.petittravail.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:57	onthepositivetip.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 20:56	infra-v3-sync.schnellnetz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:50	web-99-proxy.schnellnetz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:44	data-x1-core.schnellnetz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:39	noticiasdeisrael.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 20:39	auth-z7-gate.schnellnetz.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:38	noarootsi.planet.ee	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 20:33	node-55-static.ponteluna.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:28	sync-v9-meta.ponteluna.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:16	srv-x11-host.ponteluna.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:12	main-z1-point.metallopunto.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:07	sync-v9-data.metallopunto.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:01	gate-x3-proxy.metallopunto.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 20:01	108.165.95.8:80	MooBot	AS400536 c2 censys moobot NODESTOP-LLC	DonPasci
2026-03-15 20:01	102.98.211.162:443	NetSupportManager RAT	AS36925 ASMedi c2 censys NetSupport RAT	DonPasci
2026-03-15 20:01	69.167.10.199:443	DCRat	AS40861 c2 censys dcrat PARAD-40-ASN RAT	DonPasci
2026-03-15 20:01	41.216.188.35:443	Havoc	AS30823 AUROLOGIC c2 censys Havoc	DonPasci
2026-03-15 20:01	88.244.190.113:443	Quasar RAT	AS9121 c2 censys quasar RAT TTNET	DonPasci
2026-03-15 20:00	137.184.38.192:23500	AsyncRAT	AS14061 asyncrat c2 censys DIGITALOCEAN-ASN RAT	DonPasci
2026-03-15 20:00	157.180.14.245:8888	AsyncRAT	AS24940 asyncrat c2 censys HETZNER-AS RAT	DonPasci
2026-03-15 20:00	181.214.100.88:80	Sliver	AS21859 c2 censys open-dir payload sliver ZEN-ECN	DonPasci
2026-03-15 20:00	147.45.179.72:34610	Remcos	AS215540 c2 censys GCS-AS RAT remcos	DonPasci
2026-03-15 20:00	143.92.51.45:8080	Cobalt Strike	AS152194 c2 censys CobaltStrike cs-watermark-987654321 CTGSERVERLIMITED-AS-AP	DonPasci
2026-03-15 20:00	156.234.216.58:54121	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 20:00	156.234.190.126:54121	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 20:00	64.89.160.146:80	Cobalt Strike	AS205759 c2 censys CobaltStrike cs-watermark-987654321 GHOSTYNETWORKS	DonPasci
2026-03-15 20:00	156.234.216.35:54121	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 20:00	139.224.16.189:80	Cobalt Strike	ALIBABA-CN-NET AS37963 c2 censys CobaltStrike cs-watermark-987654321	DonPasci
2026-03-15 20:00	156.234.216.54:54121	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 20:00	156.234.216.49:54121	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 19:57	https://ageconsultant.pk	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:56	https://travely.mn	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:56	https://mbswindows.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:56	https://jessielaurencestudio.1111webstaging.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:55	web-z7-infra.metallopunto.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:55	https://aurumcapital.ae	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:55	https://tabarukatonline.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:54	https://redlacipj.org	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:54	https://institutogeraldeprofissoes.site	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:54	https://agrofarmery.site	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:53	https://abh.eventartstata.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:53	https://singhvinaynepaltour.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:52	https://mimoza-store.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:52	nlf.ssffaa19.xyz	Vidar	Vidar	crep1x
2026-03-15 19:52	ggl.rongtv.xyz	Vidar	Vidar	crep1x
2026-03-15 19:52	ggl.ssffaa19.xyz	Vidar	Vidar	crep1x
2026-03-15 19:52	red.rvoox.com	Vidar	Vidar	crep1x
2026-03-15 19:52	red.ssffaa1.xyz	Vidar	Vidar	crep1x
2026-03-15 19:52	nlf.rongtv.xyz	Vidar	Vidar	crep1x
2026-03-15 19:52	https://farmabrasil.farmamarketing.com.br	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:52	https://nlf.ssffaa19.xyz/	Vidar	Vidar	crep1x
2026-03-15 19:52	https://red.rvoox.com/	Vidar	Vidar	crep1x
2026-03-15 19:52	https://red.ssffaa1.xyz/	Vidar	Vidar	crep1x
2026-03-15 19:52	https://ggl.rongtv.xyz/	Vidar	Vidar	crep1x
2026-03-15 19:52	https://ggl.ssffaa19.xyz/	Vidar	Vidar	crep1x
2026-03-15 19:52	https://nlf.rongtv.xyz/	Vidar	Vidar	crep1x
2026-03-15 19:52	https://dewanmanufacturing.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:51	https://creativefarmsgeorgia.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:50	link-v11-sat.grandevitesse.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:50	https://resknowbd.org	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:50	https://polysilicon-sa.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:50	https://guasaveguia.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:49	https://groundinvest.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:49	https://cdrtmarrakech.org	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:49	https://amit-haviv.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 19:44	core-x4-rock.grandevitesse.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:39	base-z9-steel.grandevitesse.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 19:35	nuvixohub.com	IClickFix	ClickFix IClickFix NetSupport RAT	HuntYethHounds
2026-03-15 19:33	orbit-v0-moon.grandevitesse.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:33	nuvixof.com	IClickFix	ClickFix IClickFix NetSupport RAT	HuntYethHounds
2026-03-15 19:31	94.26.83.178:80	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 19:28	space-x1-open.silberstromx.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:22	field-z5-vast.silberstromx.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:17	https://www.skilledprofessionals.guru/wp-blog-footer.php?page=	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 19:16	onpointrentals.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 19:16	zone-v2-area.silberstromx.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:11	rim-x81-outer.silberstromx.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 19:05	sync-z1-vision.altolivello.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 19:01	144.31.12.196:57942	XWorm	XWorm	dyingbreeds_
2026-03-15 18:59	point-v4-scan.altolivello.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:56	https://ofofoalalaladjrkrka.com/asgxcvxcv.js	IClickFix	ClickFix IClickFix	HuntYethHounds
2026-03-15 18:56	onlinestore.volleyballtoolbox.net	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 18:54	bridge-00-light.altolivello.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:48	room-x12-dark.altolivello.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:42	vision-z3-sync.froidefibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:37	ghost-v9-node.froidefibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:32	shell-01-core.froidefibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:27	onlinebusinessbee.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 18:26	trace-x7-alpha.froidefibre.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:20	auth-v2-user.mondolucente.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:15	db-x55-point.mondolucente.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:14	online.prealternativo.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 18:09	base-z3-infra.mondolucente.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 18:04	net-v11-global.mondolucente.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:58	flow-z4-work.starkewolke.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:56	online.igad.edu.ec	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 17:52	hub-v22-local.starkewolke.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:47	link-x9-power.starkewolke.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:42	sys-01-monitor.starkewolke.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:36	gate-v5-entry.petitreseauv.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 17:31	https://rewardgoldshop.com/work.zip	Unknown malware	ClickFix payload	HuntYethHounds
2026-03-15 17:30	dev-x11-host.petitreseauv.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:30	https://rewardgoldshop.com/q/	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 17:30	rewardgoldshop.com	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 17:26	ageconsultant.pk	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:24	api-z8-remote.petitreseauv.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:23	travely.mn	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:22	slotmachinesgroup.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:21	mbswindows.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:19	cloud-v2-store.petitreseauv.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:18	jessielaurencestudio.1111webstaging.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:18	aurumcapital.ae	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:16	wewit.it	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:15	tabarukatonline.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:14	redlacipj.org	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:14	institutogeraldeprofissoes.site	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:13	core-x1-sync.schnellestat.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:13	agrofarmery.site	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:12	abh.eventartstata.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:12	singhvinaynepaltour.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:11	mimoza-store.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:11	farmabrasil.farmamarketing.com.br	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:10	dewanmanufacturing.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:10	creativefarmsgeorgia.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:09	bab21.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:08	resknowbd.org	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:08	web-303-proxy.schnellestat.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 17:07	polysilicon-sa.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:06	guasaveguia.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:06	groundinvest.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:06	cdrtmarrakech.org	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:05	amit-haviv.com	Unknown malware	ClickFix Redirect	HuntYethHounds
2026-03-15 17:03	onering.in	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 17:02	app-v9-data.schnellestat.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 16:57	srv-z44-meta.schnellestat.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:51	infra-v1-static.pontesicuro.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:50	https://autismtoken.live/auth?xc=1002214	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:50	autismtoken.live	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:48	https://usoil.life/auth?xc=1001858	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:48	usoil.life	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:47	https://onepiece.digital/auth?xc=1001797	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:47	onepiece.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:45	dist-7-cache.pontesicuro.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 16:44	https://solwhitehouse.digital/auth?xc=1001768	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:43	solwhitehouse.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:43	https://blockstreet.bet/auth?xc=1001742	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:42	blockstreet.bet	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:41	https://portal-idos.network/auth?xc=1001686	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:41	portal-idos.network	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:39	sync-v02-edge.pontesicuro.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:39	https://stormrae.digital/auth?xc=1001374	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:38	stormrae.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:37	https://shadenetwork.run/auth?xc=999768	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:37	shadenetwork.run	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:36	https://shadenetwork.live/auth?xc=998988	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:36	shadenetwork.live	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:35	https://usoronsol.digital/auth?xc=997335	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:34	usoronsol.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:34	node-x91-auth.pontesicuro.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:33	https://corvuscoin.digital/auth?xc=996020	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:33	corvuscoin.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:31	https://nexira.digital/auth?xc=995402	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:31	nexira.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:31	52b6fb40e7efb09c2bebe8550178e7e30009600bdedd1acae085d753761b7598	BEARDSHELL	APT28 BeardShell EhStoreShell GRU Sednit	Lenard
2026-03-15 16:31	a876f648991711e44a8dcf888a271880c6c930e5138f284cd6ca6128eca56ba1	BEARDSHELL	APT28 BeardShell EhStoreShell GRU Sednit	Lenard
2026-03-15 16:31	8c1dc9732884c6078b23953b78314a8d0d8b8d9fe42e5f97a7cd09b8ace943a9	BEARDSHELL	APT28 BeardShell GRU Sednit SimpleLoader	Lenard
2026-03-15 16:31	0bb0d54033767f081cae775e3cf9ede7ae6bea75f35fbfb748ccba9325e28e5e	BEARDSHELL	APT28 BeardShell GRU Sednit SimpleLoader	Lenard
2026-03-15 16:31	fd3f13db41cd5b442fa26ba8bc0e9703ed243b3516374e3ef89be71cbf07436b	BEARDSHELL	APT28 BeardShell CVE-2026-21509 CVE-2026-21514 GRU Sednit	Lenard
2026-03-15 16:31	b2ba51b4491da8604ff9410d6e004971e3cd9a321390d0258e294ac42010b546	BEARDSHELL	APT28 BeardShell CVE-2026-21509 CVE-2026-21514 GRU Sednit	Lenard
2026-03-15 16:31	9f4672c1374034ac4556264f0d4bf96ee242c0b5a9edaa4715b5e61fe8d55cc8	BEARDSHELL	APT28 BeardShell CVE-2026-21509 CVE-2026-21514 GRU Sednit	Lenard
2026-03-15 16:31	7ccf7e8050c66eed69f35159042d8043032f8afe48ae1f51fce75ce2c51395f2	BEARDSHELL	APT28 BeardShell Covenant CVE-2026-21509 GRU NotDoor Sednit	Lenard
2026-03-15 16:31	dcleb.com	Ghost RAT	c2 Gh0st INNOSETUP RAT	Lenard
2026-03-15 16:31	47.242.9.11:80	Ghost RAT	c2 Gh0st INNOSETUP RAT	Lenard
2026-03-15 16:31	c8fe0393370dd2bd98e3bd9c9f24574df794eab70e21c964bb2c2e9b7e460a2d	Ghost RAT	cluster Gh0st INNOSETUP RAT	Lenard
2026-03-15 16:31	e82aa52c376912a39be0403aceb9281e5d6a39b39bab48af0e43e2cebdd1c6f2	Ghost RAT	cluster Gh0st INNOSETUP RAT	Lenard
2026-03-15 16:31	7303323e80e09def96d34e21b6df3d975cd1f5d01d56fb1dab15e3b29e0685e5	ValleyRAT	cluster NvSmartMax ValleyRAT Winos4	Lenard
2026-03-15 16:31	7c4bbb982d99092ee208ef3f21e8a07b09cb3b10b19c2d5a26ee8c2a3d6e4a1d	ValleyRAT	cluster NvSmartMax ValleyRAT Winos4	Lenard
2026-03-15 16:31	a85188389fe8062139cb6bddf43f1ae8fb38c3f5c73e2fad3b2a5ff28c0e92a0	ValleyRAT	cluster NvSmartMax ValleyRAT Winos4	Lenard
2026-03-15 16:31	46dc1020933455323246a5f00ca71006925dff1bddc273519884b4fb3f78ca05	Phorpiex	Dropper phorpiex Worm	Lenard
2026-03-15 16:31	a078ea491822b8d8014821cdcce8bcb450947a9e1c5e0b55d259df864978ee17	Amadey	Amadey Dropper msi	Lenard
2026-03-15 16:31	991bc33adf6e07583c78140bc589c1eeee1d53748055c3c70d5b03f65539ecdd	Amadey	Amadey Dropper	Lenard
2026-03-15 16:31	0a4d85148ad5851b4db1fcd4337cad89d488151359dbdb98be518bff0e403cbd	CloudEyE	guloader NSIS remcos	Lenard
2026-03-15 16:31	d3d4b8bd76a26448426c89e6e401cff2cd9350c09aad52cc33d4ca3866bea918	Unknown malware	BlackSanta BYOVD DLLSideloading EDRKiller SumatraPDF	Lenard
2026-03-15 16:31	83fcc6bf733751bab43e92d31b810c4cecd4d8640668d2ed26f47f62edd942cf	Unknown malware	BlackSanta BYOVD EDRKiller truesight	Lenard
2026-03-15 16:31	47f659d6152ad612abc514b8b9e0aadfa69cb0b7b27426c37e63f85ead2a7b13	Unknown malware	BlackSanta BYOVD EDRKiller truesight	Lenard
2026-03-15 16:31	157.250.202.215:443	Unknown malware	BlackSanta c2 EDRKiller	Lenard
2026-03-15 16:31	163.245.212.11:443	Unknown malware	BlackSanta c2 EDRKiller	Lenard
2026-03-15 16:31	fundefend.biglight.in.net	ClearFake	15March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 16:31	c11p8-route.oilglass.in.net	ClearFake	15March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 16:31	18.163.176.215:8880	ValleyRAT	c2 NvSmartMax ValleyRAT Winos4	Lenard
2026-03-15 16:31	2.58.82.231:1420	Mirai	Mirai	seckle
2026-03-15 16:31	167.172.221.20:8080	Aisuru	AISURU c2	Bitsight
2026-03-15 16:31	7y35a.m4gnet.in.net	ClearFake	15March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 16:31	https://pheximloadv1-cc.t3.storage.dev/index.html?AGJyPd8Ry3GkfAU0JJ44cAJG%KuVLRJf1LZL3DzmTlvU8DL%1XOIaEa9DX=6vB6Mwla_EjBugyjk8GX8e5Rox34H3K25WHDlgpKj-1ucFflsioMsqhNnuWOaNKEk1dBT	Unknown malware	ClickFix	CarsonWilliams
2026-03-15 16:30	167.172.221.20:9034	Aisuru	AISURU c2	Bitsight
2026-03-15 16:30	192.81.215.50:8443	Aisuru	AISURU c2	Bitsight
2026-03-15 16:29	https://exponentialmc.world/auth?xc=995364	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:28	exponentialmc.world	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:28	dynnexos.getlight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:27	https://idos.today/auth?xc=995345	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:26	idos.today	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:25	https://blockstreet.zone/auth?xc=995337	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:25	blockstreet.zone	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:23	https://waronusd1.world/auth?xc=995324	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:23	proto-p1an.getlight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:23	waronusd1.world	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:22	https://waronusd1.digital/auth?xc=995292	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:21	ondasformacion.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 16:21	waronusd1.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:20	https://warcoin.life/auth?xc=995269	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:20	warcoin.life	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:17	https://blockstreet.world/auth?xc=995208	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:16	blockstreet.world	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:14	irnport-array.getlight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:14	https://warcoinsol.digital/auth?xc=995059	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:13	warcoinsol.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:12	https://warcoinsol.life/auth?xc=995023	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:12	warcoinsol.life	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:11	https://xmoneycoin.world/auth?xc=995002	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:11	xmoneycoin.world	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:10	https://x-money.run/auth?xc=994959	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:10	x-money.run	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:09	https://dustcoin.digital/auth?xc=994942	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:09	forrn4-mark.getlight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:08	dustcoin.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:07	https://waronusd1.run/auth?xc=994911	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:06	waronusd1.run	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:06	https://blockstreet.today/auth?xc=994887	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:05	blockstreet.today	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:05	https://stormrae.world/auth?xc=994869	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:04	stormrae.world	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 16:03	rmly.onelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 16:02	onboard.pr.business	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 16:00	145.223.70.62:53437	Quasar RAT	AS215311 c2 censys quasar RAT REGXA-CLOUD	DonPasci
2026-03-15 16:00	213.109.192.71:7443	Unknown malware	AS62005 BV-EU-AS c2 censys Mythic	DonPasci
2026-03-15 16:00	178.16.52.58:4443	AsyncRAT	AS202412 asyncrat c2 censys OMEGATECH-AS RAT	DonPasci
2026-03-15 16:00	185.242.3.83:5505	AsyncRAT	AS60223 asyncrat c2 censys NETIFACE-AS RAT	DonPasci
2026-03-15 16:00	104.211.114.52:443	Sliver	AS8075 c2 censys MICROSOFT-CORP-MSN-AS-BLOCK sliver	DonPasci
2026-03-15 16:00	203.159.90.180:443	Sliver	AS210558 c2 censys sliver	DonPasci
2026-03-15 16:00	20.207.205.234:443	Sliver	AS8075 c2 censys MICROSOFT-CORP-MSN-AS-BLOCK sliver	DonPasci
2026-03-15 16:00	156.234.205.156:54121	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 15:57	xivuhpzc.onelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:53	https://gosolcoin.digital/auth?xc=994683	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:53	gosolcoin.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:52	zenlithis.onelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:50	https://xpdcoin.digital/auth?xc=994626	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:50	xpdcoin.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:49	https://solsol.life/auth?xc=994584	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:48	solsol.life	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:47	https://lobstercoin.digital/auth?xc=994548	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:47	lobstercoin.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:46	hyp3-grid.onelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:45	https://wartoken.world/auth?xc=994503	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:45	wartoken.world	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:43	https://punchcoin.life/auth?xc=994489	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:43	punchcoin.life	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:42	https://punchtoken.digital/auth?xc=994475	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:42	punchtoken.digital	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:40	kelline7en.biglight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:39	https://sandwatch.run/auth?xc=994435	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:38	sandwatch.run	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 15:35	omsattningskrav.eu	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 15:34	neo-dep0.biglight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:24	ultra-10ader.biglight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:19	omniathletix.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 15:18	owgnjyia.oilglass.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:12	alt-4g3nt.oilglass.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 15:01	awzsl.oilglass.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 15:01	192.3.176.253:7004	XWorm	XWorm	dyingbreeds_
2026-03-15 15:01	ugvsss-39887.portmap.host	XWorm	XWorm	dyingbreeds_
2026-03-15 14:59	ihs9w42t.rocksys.digital	ClearFake	ClearFake	Anonymous
2026-03-15 14:57	u5pru9ov.rocksys.digital	ClearFake	ClearFake	threatcat_ch
2026-03-15 14:56	schem2-span.yellglass.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 14:50	8.163.56.153:8443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-03-15 14:50	lkzsajn.yellglass.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 14:49	156.245.144.203:443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-03-15 14:49	156.245.144.203:4443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-03-15 14:49	141.195.112.192:6666	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-03-15 14:49	win.spaceshlp.com	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-03-15 14:44	67hl8p.yellglass.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 14:39	timbermerge.yellglass.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 14:33	blendlayout.rassvet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 14:27	bridgsock.rassvet.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 14:22	66baw.rassvet.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 14:16	cellcol.rassvet.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 14:10	vorlithar5.bluelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 14:05	4ud18-ring.bluelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:59	surve-spool.bluelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:54	routercanva.bluelight.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:48	dynlineum5.dotnet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:43	splitcrim.dotnet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:37	geyse6-phase.dotnet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:31	br4nd-crest.dotnet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:26	n4rr-wave.gobright.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 13:20	canopyform.gobright.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:15	bran-gen.gobright.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:09	shoalthorn.gobright.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 13:04	9kmz1s.highligh.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:58	quorcore5et.highligh.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 12:55	18.117.70.136:4449	AsyncRAT	asyncrat	abuse_ch
2026-03-15 12:52	mooinne.highligh.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:47	workerembe.highligh.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:41	c0ve-grid.ziparch.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:36	c72ole.ziparch.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:30	ser-tidear.ziparch.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:24	quotasun.ziparch.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:22	ralewo.com	Unknown Stealer	c2 domain MacSync stealer VirusTotal	DonPasci
2026-03-15 12:21	old.bdr.group	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 12:19	clousupply.farngo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:13	shiel-track.farngo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 12:07	flee-peta.farngo.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 12:07	olabs.net	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 12:03	43.133.69.45:5200	ValleyRAT	AS132203 c2 RAT triage ValleyRAT	DonPasci
2026-03-15 12:03	43.133.69.45:8888	ValleyRAT	AS132203 c2 RAT triage ValleyRAT	DonPasci
2026-03-15 12:02	82.22.62.197:8080	NjRAT	AS213200 c2 njrat triage	DonPasci
2026-03-15 12:02	geo-4uth.farngo.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 12:01	35.240.184.29:4444	Meterpreter	AS396982 c2 censys GOOGLE-CLOUD-PLATFORM hacktool MetaSploit Meterpreter	DonPasci
2026-03-15 12:00	45.61.151.31:7001	DCRat	AS14956 c2 censys dcrat RAT ROUTERHOSTING	DonPasci
2026-03-15 12:00	20.2.90.98:8888	Unknown malware	AS8075 c2 censys MICROSOFT-CORP-MSN-AS-BLOCK Supershell	DonPasci
2026-03-15 12:00	107.173.143.36:14644	Remcos	AS-COLOCROSSING AS36352 c2 censys RAT remcos	DonPasci
2026-03-15 12:00	176.65.139.46:1337	XWorm	c2 triage XWorm	DonPasci
2026-03-15 12:00	ulia111-35403.portmap.host	XWorm	c2 domain triage XWorm	DonPasci
2026-03-15 12:00	156.234.216.40:54121	Cobalt Strike	AS138415 c2 censys CobaltStrike YANCYLIMITED-AS-HK	DonPasci
2026-03-15 11:56	ff6se.idealup.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:54	oknograd43.ru	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 11:51	curiouswholesale.idealup.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:45	brookurban.idealup.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:39	5tab1-pulse.idealup.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 11:34	y7nk5xw8.bluehub.digital	ClearFake	ClearFake	Anonymous
2026-03-15 11:34	bhzrypm.idealno.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:33	ouzr9xgt.bluehub.digital	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:29	ohmydogtoledo.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 11:28	bd6vpbg.idealno.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:22	g447cjsx.idealno.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:17	talfluxen.idealno.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:15	ogb.asia	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 11:12	62.133.60.98:80	Unknown malware	ClickFix payload	HuntYethHounds
2026-03-15 11:11	http://62.133.60.98/n5/dwrite.bak	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:11	0hm6uq.trustdom.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:10	http://62.133.60.98/n3/setup.xls	Unknown malware	ClickFix HTA JScript payload	HuntYethHounds
2026-03-15 11:09	http://62.133.60.98/n2/wdsutil.sys	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:09	http://62.133.60.98/n2/util.json	Unknown malware	ClickFix HTA JScript payload	HuntYethHounds
2026-03-15 11:08	http://62.133.60.98/n/zcore.bak	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:07	http://62.133.60.98/n/sys32.dll	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:07	http://62.133.60.98/n/dnsapi.log	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:06	http://62.133.60.98/n/Qt3Core.dll	Unknown malware	ClickFix HTA payload VBScript	HuntYethHounds
2026-03-15 11:06	http://62.133.60.98/n3/setupapi.ini	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:06	gu5t-spark.trustdom.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 11:05	185.161.251.58:80	Unknown malware	ClickFix payload	HuntYethHounds
2026-03-15 11:04	http://185.161.251.58/n/zcore.bak	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:03	http://185.161.251.58/n/Qt3Core.dll	Unknown malware	ClickFix HTA payload VBScript	HuntYethHounds
2026-03-15 11:03	http://185.161.251.58/n/sys32.dll	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:01	catoooomw.ddnsfree.com	XWorm	XWorm	dyingbreeds_
2026-03-15 11:01	http://185.161.251.58/n/dnsapi.log	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:01	45.157.233.46:25565	XWorm	XWorm	dyingbreeds_
2026-03-15 11:00	http://185.161.251.58/n2/wdsutil.sys	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 11:00	agy.uk.com	Quasar RAT	quasar	dyingbreeds_
2026-03-15 11:00	jvu.uk.com	Quasar RAT	quasar	dyingbreeds_
2026-03-15 11:00	vasectomy.us.com	Quasar RAT	quasar	dyingbreeds_
2026-03-15 10:59	http://185.161.251.58/n2/util.json	Unknown malware	ClickFix HTA JScript payload	HuntYethHounds
2026-03-15 10:58	54p9sle.trustdom.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:58	http://185.161.251.58/n3/setupapi.ini	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 10:56	http://185.161.251.58/n3/setup.xls	Unknown malware	ClickFix HTA JScript payload	HuntYethHounds
2026-03-15 10:55	http://185.161.251.58/n5/dwrite.bak	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 10:52	vgbf.trustdom.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:51	offshoremarinecontracting.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 10:51	81.90.29.35:80	Unknown malware	ClickFix payload	HuntYethHounds
2026-03-15 10:48	http://81.90.29.35/rem/kern.gz	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 10:48	http://81.90.29.35/rem/data.gz	Unknown malware	ClickFix HTA payload VBScript	HuntYethHounds
2026-03-15 10:47	meta-val1dat.trustsum.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:46	http://81.90.29.35/n4/Ole32.dll	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 10:46	http://81.90.29.35/n4/Bootres.dll	Unknown malware	ClickFix HTA payload VBScript	HuntYethHounds
2026-03-15 10:44	http://81.90.29.35/n/breeze.img	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 10:43	http://81.90.29.35/blob.m3u8	Unknown malware	ClickFix payload powershell	HuntYethHounds
2026-03-15 10:41	pf1dxwdy.trustsum.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:41	http://81.90.29.35/n5/mfcd.sql	Unknown malware	ClickFix HTA JScript payload	HuntYethHounds
2026-03-15 10:36	drawsout.trustsum.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:31	https://disrespectsentim.digital/script.sh	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 10:31	disrespectsentim.digital	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 10:30	sp3c6-vault.trustsum.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:24	baow.man4get.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:22	ofabricantetextil.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 10:19	solcrest8on.man4get.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:17	https://greatsorors.digital/script.sh	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 10:16	greatsorors.digital	Unknown malware	ClickFix	HuntYethHounds
2026-03-15 10:13	v3lv-watch.man4get.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 10:07	soldraex2.man4get.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 10:02	airwaybroker.m4gnet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 09:57	odszkodowaniacoventry.co.uk	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 09:57	jbd2kj.m4gnet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 09:51	solmarkex.m4gnet.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 09:40	spr1ng-field.farmanager.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 09:34	salestru.farmanager.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 09:34	https://cloud-save-image.sbs/api/index.php	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-03-15 09:33	https://cloud-save-image.sbs/api/css.js	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-03-15 09:33	cloud-save-image.sbs	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-03-15 09:28	temp0-beam.farmanager.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 09:23	slopar.farmanager.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 09:18	alt-w4go.checkstor.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 09:13	6tym.checkstor.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 09:08	privateflame.checkstor.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 08:59	bloomhaul.checkstor.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 08:27	638490.idealgo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 08:20	www.fahrzeugshaus-mueller.de	Remcos	c2 remcos	juroots
2026-03-15 08:19	156.216.88.76:7770	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	https://selot.jp.net/	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	https://xn--gmq90amm486bwinn5dqrt.jp.net/	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	antenistabarcelona.com	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	concel.co.com	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	email.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	gate.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	mail9.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	mails.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	malware.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	mx5.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	newmail.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	selot.jp.net	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	smtp1.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	sniper.webtechcorp.co.uk	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:19	xn--gmq90amm486bwinn5dqrt.jp.net	AsyncRAT	asyncrat c2	juroots
2026-03-15 08:18	http://nid.naver.desaindigital.com/	Kimsuky	c2 kimsuky URLQuery	juroots
2026-03-15 08:17	http://statsinfos.com/	Unknown malware	c2 UNAM URLQuery	juroots
2026-03-15 08:16	http://dt.ndocbpass.dns.army/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:16	genomecouri.idealgo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 08:16	http://101.36.114.24/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:16	http://ndocppass.dns.army/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:16	http://ndocepass.dns.army/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:16	http://ndocnpass.dns.army/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:16	http://ndochpass.dns.army/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:15	http://ndocfpass.dns.army/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:15	http://ndocabpass.dynv6.net/	Kimsuky	c2 kimsuky URLscan	juroots
2026-03-15 08:10	guidecoral.idealgo.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 08:03	mer-forgeon.idealgo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 08:01	168.245.203.60:3790	Meterpreter	AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter	DonPasci
2026-03-15 08:00	178.128.123.209:4410	DCRat	AS14061 c2 censys dcrat DIGITALOCEAN-ASN RAT	DonPasci
2026-03-15 08:00	111.196.69.56:5200	DCRat	AS4808 c2 censys CHINA169-BJ dcrat RAT	DonPasci
2026-03-15 08:00	196.202.102.11:7443	Unknown malware	AS8452 c2 censys Mythic TE-AS	DonPasci
2026-03-15 08:00	156.234.56.50:48711	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 08:00	156.234.56.37:48711	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 08:00	156.234.56.52:48711	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 08:00	156.234.56.42:48711	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-03-15 07:50	103.236.63.138:6666	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-03-15 07:32	obsdeboomgaard.nl	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 07:19	obrazdzs.ru	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 07:15	foresrebat.foldername.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 07:09	fjor9-lab.foldername.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 07:05	http://webcdns.com:2083/static-directory/lt.mp3	Cobalt Strike	CobaltStrike	abuse_ch
2026-03-15 07:03	tru3-hold.foldername.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 07:00	catcharisingstar.us.com	Quasar RAT	quasar	dyingbreeds_
2026-03-15 07:00	dovney.com	Quasar RAT	quasar	dyingbreeds_
2026-03-15 06:58	lumspireos.foldername.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:53	vornexon.zipfolder.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:51	38.60.224.176:443	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-03-15 06:51	143.92.51.45:8088	Cobalt Strike	CobaltStrike cs-watermark-305419896	abuse_ch
2026-03-15 06:51	119.29.117.194:801	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-03-15 06:51	217.156.122.251:443	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-03-15 06:49	185.242.245.69:5000	IClickFix	c2 ClickFix russian	Lenard
2026-03-15 06:49	http://185.242.245.69:5000/DForecast/p2/e70d098aace7414caa01272494f1c947	IClickFix	ClickFix russian	Lenard
2026-03-15 06:49	77cfee64e0634bf8e0ccac9264f9915c1122619b86e3c18236224c4006ecf52f	IClickFix	ClickFix russian	Lenard
2026-03-15 06:49	4b78364cb434ab7380a20b48f79ebcfb8f1a0e90488887f8c890d9a696c903bd	IClickFix	ClickFix russian	Lenard
2026-03-15 06:49	1456fa7b402fe0fcc4997d62a6216e5656530068b7cb3534cfe5cdf841ee61ec	IClickFix	ClickFix russian	Lenard
2026-03-15 06:49	https://wellnessmedcare.org/buch/Favorites/document.doc.LnK	BEARDSHELL	APT28 CVE-2026-21509 Operation_Neusploit WebDav	Lenard
2026-03-15 06:49	documentsstorage.chickenkiller.com	BEARDSHELL		Lenard
2026-03-15 06:48	publicshare.chickenkiller.com	BEARDSHELL		Lenard
2026-03-15 06:48	https://freefoodaid.com/ankara/Favorites/document.doc.LnK	BEARDSHELL	APT28 CVE-2026-21509 Operation_Neusploit WebDav	Lenard
2026-03-15 06:48	193.187.148.169:443	BEARDSHELL		Lenard
2026-03-15 06:48	23.227.202.14:443	BEARDSHELL	APT28 Operation_Neusploit	Lenard
2026-03-15 06:48	72.62.185.31:443	BEARDSHELL	APT28 Operation_Neusploit	Lenard
2026-03-15 06:48	159.253.120.2:443	BEARDSHELL	APT28 Operation_Neusploit	Lenard
2026-03-15 06:48	smerias.info	NetSupportManager RAT	ClickFix erans.ru NetSupport reserve-C2	Lenard
2026-03-15 06:48	basular.info	NetSupportManager RAT	ClickFix erans.ru NetSupport reserve-C2	Lenard
2026-03-15 06:48	nbovsc.com	NetSupportManager RAT	ClickFix NetSupport staging	Lenard
2026-03-15 06:48	whovcs.com	NetSupportManager RAT	ClickFix NetSupport staging	Lenard
2026-03-15 06:48	nexus-server.click	IClickFix	AS202412 ClickFix ErrTraffic Omegatech	Lenard
2026-03-15 06:48	91.199.163.53:443	NetSupportManager RAT	Alviva c2 NetSupport	Lenard
2026-03-15 06:48	103.83.87.178:1990	XWorm	c2 XWorm	Lenard
2026-03-15 06:48	http://158.94.211.208/OBOXW2026.txt	XWorm	OBOXW2026 Omegatech staging XWorm	Lenard
2026-03-15 06:48	tur.applecloud.com.co	XWorm	Apple_impersonation phishing turkey XWorm	Lenard
2026-03-15 06:48	mail.clearvwtp.shop	XWorm	email_infrastructure phishing XWorm	Lenard
2026-03-15 06:48	mail.wetradetra.cfd	XWorm	email_infrastructure phishing XWorm	Lenard
2026-03-15 06:48	mail.wetrasogo.shop	XWorm	email_infrastructure phishing XWorm	Lenard
2026-03-15 06:48	91.84.122.33:80	ClearFake	ClearFake ClickFix WebDav	Lenard
2026-03-15 06:48	ed130e3df72984c816fe23f9f61f0ae01478840d1227015df4e44685523abbd9	ClearFake	ClearFake dll WebDav	Lenard
2026-03-15 06:48	f6c1d093b76a18ffbe8fcafd2e29402a2c9ddf51a1ee80ce218059a10b79edab	ClearFake	ClearFake dll WebDav	Lenard
2026-03-15 06:48	06d8a0195397fbc996eca2f8480dd180300628bbbc192e69145686b9e4f409a9	ClearFake	ClearFake dll WebDav	Lenard
2026-03-15 06:48	94.154.35.166:443	ClearFake	bulletproof ClearFake Omegatech	Lenard
2026-03-15 06:48	94.154.35.162:80	ClearFake	bulletproof ClearFake Omegatech	Lenard
2026-03-15 06:48	94.154.35.166:80	ClearFake	bulletproof ClearFake Omegatech	Lenard
2026-03-15 06:48	178.16.52.101:80	ClearFake	bulletproof ClearFake Omegatech	Lenard
2026-03-15 06:48	ghost-node-0.fiumeveloce.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	qpiihw67.zipfolder.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:48	ingress.local	Cobalt Strike		duggusa
2026-03-15 06:48	auth-z9-user.mondofuturo.in.net	ClearFake	15March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	srv-77-meta.schnellerechner.in.net	ClearFake	15March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	cdn-static-v5.petitnuage.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	api-v3-storage.petitnuage.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	metrics-sync-1.petitnuage.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	goldbox.digital	ClearFake	14March2026 ClearFake Commandline macOS	Gi7w0rm
2026-03-15 06:48	cloud-drive-v7.fortezzarossa.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	srv-cluster-01.fortezzarossa.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:48	web-proxy-alt.fortezzarossa.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	remote-access-2.stillewasser.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	backend-node-v.stillewasser.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	cache-dist-10.stillewasser.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	internal-sys-x.stillewasser.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	work-flow-v0.mondolibre.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	staff-portal-1.mondolibre.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	main-point-1.metallocielo.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	api-app.uppercrafteroom.com	FAKEUPDATES	SocGholish TDS	rmceoin
2026-03-15 06:47	infra-web-01.metallocielo.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:47	sat-uplink-5.grandevision.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:45	hyper-sc4n.zipfolder.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:44	nanaonsol.lol	Unknown malware	BadCoin ClickFix	HuntYethHounds
2026-03-15 06:44	ai-process-guide.cfd	ClearFake	ClearFake ClickFix	skocherhan
2026-03-15 06:44	florixeo.us	ClearFake	ClearFake ClickFix	skocherhan
2026-03-15 06:44	open-space-1.silberpfad.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:44	steel-base-7.grandevision.in.net	ClearFake	14March2026 ClearFake Commandline Windows	Gi7w0rm
2026-03-15 06:44	https://virtual-cdncloud.sbs/api/index.php	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-03-15 06:43	volt-layer.zipfolder.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:41	main-z7-point.metallocampo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:40	8.210.49.79:9090	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-03-15 06:40	wenfengas68.com	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-03-15 06:38	www.cfqax.cyou	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-03-15 06:38	www.cfqaz.cyou	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-03-15 06:37	slong.help	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-03-15 06:36	sync-x1-data.metallocampo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:31	gate-v8-proxy.metallocampo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:30	20.2.211.167:80	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-03-15 06:26	web-31-infra.metallocampo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:21	oanobwsc.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 06:20	link-z2-sat.grandeparole.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:12	core-x3-rock.grandeparole.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:12	o2vietnam.com.vn	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 06:07	base-v5-steel.grandeparole.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:04	nzukorchrist.org	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 06:02	orbit-90-moon.grandeparole.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 06:00	http://sibcomputer.ru	Amadey	Amadey c2 Loader triage	DonPasci
2026-03-15 05:58	nyugdij.cfholdingportal.hu	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 05:57	space-v7-open.silberfluss.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:51	nyghtly.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 05:51	field-x4-vast.silberfluss.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:45	zone-11-area.silberfluss.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:42	rim-v9-outer.silberfluss.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 05:38	nwonop.nl	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 05:37	sync-z0-vision.altotensione.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:33	point-x2-scan.altotensione.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:27	bridge-v4-light.altotensione.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 05:23	room-51-dark.altotensione.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:18	vision-x8-sync.froidelumiere.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:13	ghost-z1-node.froidelumiere.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 05:09	shell-v7-core.froidelumiere.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 05:04	nuu.zone	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 04:51	nutrivet.com.vn	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 04:49	trace-44-alpha.froidelumiere.in.net	ClearFake	ClearFake	Anonymous
2026-03-15 04:31	db-v12-point.mondofuturo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 04:21	nutri.claudineroberto.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-03-15 04:19	base-x5-infra.mondofuturo.in.net	ClearFake	ClearFake	threatcat_ch
2026-03-15 04:10	nutracomplete.com	StrelaStealer	StrelaStealer	threatcat_ch