ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

690

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'675'491

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-04-17 06:14	167.235.234.45:443	Interlock RAT		aqedg
2026-04-17 06:14	69.169.109.132:443	Interlock RAT		aqedg
2026-04-17 06:14	23.227.203.52:443	Interlock RAT		aqedg
2026-02-18 07:10	422755116ab311b473dd38ec88f129d9	Interlock	interlock Ransomware	TheRavenFile
2026-02-18 07:10	b2b03dfcdc2e59d81e99d20c15919a13	Interlock	interlock Ransomware	TheRavenFile
2026-02-18 07:10	9451420233168c7b0c595257d43c7b85	Interlock	interlock Ransomware	TheRavenFile
2026-02-18 07:10	784bc5b431fe71aaf85f7d39c014f099	Interlock	interlock Ransomware	TheRavenFile
2025-10-01 02:33	7e5ec68fd647e1a8fef30a2fbe250f9cf6bf6ea0ec1aa6bd37534517dd537a68	Interlock		Grim
2025-10-01 02:33	2c3d53c36f9d92978ab86b7ac0f4f5193c054914	Interlock		Grim
2025-10-01 02:33	7d90538f56b96333034287fdc5934a7c	Interlock		Grim
2025-10-01 02:33	9ba7bd0357cfd7907a4ee637dff005ec	Interlock		Grim
2025-10-01 02:33	960bfbed44a5b8abf1ae2fcb7eecb46ac526840030d5cdef1fad6a6bb379996c	Interlock		Grim
2025-10-01 02:33	f4bd4ea391c5bb63d817f0857703235145614b5c	Interlock		Grim
2025-10-01 02:33	9e35477130cd2731755a35e8b4c0429b	Interlock		Grim
2025-10-01 02:33	a501583bca532c4ea11b56780a13a865b609d6a0fcd92b9c9b522f1edcc49c29	Interlock		Grim
2025-10-01 02:33	28811b212449cd4b23042770b437b98acb3f9c47	Interlock		Grim
2025-06-25 09:51	event-time-microsoft.org	Interlock	Cloudflare	netresec
2025-06-25 09:51	event-datamicrosoft.live	Interlock	Cloudflare	netresec
2025-06-25 09:51	windows-msgas.com	Interlock	Cloudflare	netresec
2025-06-25 09:51	eventdata-microsoft.live	Interlock	Cloudflare	netresec
2025-06-25 09:51	varying-rentals-calgary-predict.trycloudflare.com	Interlock	Cloudflare	netresec
2025-06-13 06:03	assets-msnmicosot-ds.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	payment.mysoroush.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	windows-msn-cn.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	assets-msn-ds.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	teams-msg.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	silverithm-dispatch.store	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	settings-datamicrosoft.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	events-datamicrosoft.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	orion.mysoroush.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	configedge-assets.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	events-data-microsoft.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	grupomax-api.marcalgyn.com.br	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	eventsdata-microsoft-live.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	dnsg-windows-ds-data.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	events-data-microsoft.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	canismajor.mysoroush.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	swiftlymeds.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	configedge-assets.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	dnsg-windows-ds-data.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	teams-msg-ns.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	iarm.co.kr	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	assets-msn-ds.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	windowsds-time.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	windows-ds-time.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	teams-msg.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	dns-microsofts.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	assets-msn.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	events-dat-amicrosoft.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	settings-win-data-microsoft.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	windows-msg-as.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	dng-microsof-event.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	msgmicrosoft.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	assetsmsn-micosot.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	dns-gowindows-ds.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	teamsmsg-ns.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	windows-msgas.org	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	eventsdat-amicrosoft.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	windows-msg-as.com	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	teams-msg-microsoft.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	dnsgowindows-ds.live	Interlock	c2 interlock validin	juroots
2025-06-13 06:03	windows-msg-as.org	Interlock	c2 interlock validin	juroots
2025-06-12 11:03	never-powered-agency-hear.trycloudflare.com	Interlock	c2 interlock	juroots
2025-06-12 11:03	reached-loose-cashiers-logic.trycloudflare.com	Interlock	c2 interlock	juroots
2025-06-12 11:03	ears-circus-cam-lake.trycloudflare.com	Interlock	c2 interlock	juroots
2025-06-12 11:03	scary-halo-designing-time.trycloudflare.com	Interlock	c2 interlock	juroots
2025-06-12 11:03	showing-bl-order-skiing.trycloudflare.com	Interlock	c2 interlock	juroots
2025-06-12 11:03	config-edge-assets.live	Interlock	c2 interlock	juroots
2025-06-04 05:38	efea43500a35eb76433e596eeeb92f3e6bae37ca07611cd03cc3b56b18721627	Interlock RAT	InterlockRAT	Overkill1984zzz
2025-06-04 05:38	45.61.136.109:443	Interlock RAT	InterlockRAT	Overkill1984zzz
2025-06-04 05:38	49.12.69.80:443	Interlock RAT	InterlockRAT	Overkill1984zzz
2025-06-04 05:38	1e6d4f3eacfef45e2fdfe4d5218aa33079a9b5ca2bba1b0eb3c71f9a5d663ea9	Interlock RAT	InterlockRAT	Overkill1984zzz
2025-06-04 05:38	177.136.225.135:443	Interlock RAT	InterlockRAT	Overkill1984zzz
2025-06-04 05:38	e40e82b77019edca06c7760b6133c6cc481d9a22585dd80bce393f0bfbe47a99	Interlock RAT	InterlockRAT	Overkill1984zzz
2025-06-04 05:38	128.140.120.188:443	Interlock RAT	InterlockRAT	Overkill1984zzz
2025-05-20 06:12	sublime-tragedy-counties-sculpture.trycloudflare.com	Interlock	c2 interlock	juroots
2025-05-20 06:12	hours-affected-personals-grey.trycloudflare.com	Interlock	c2 interlock	juroots
2025-05-05 10:35	faf9a658f4f9b424be3dab262a8af81c	Interlock	interlock Ransomware	TheRavenFile
2025-05-05 10:35	33d8eabbf428fef8c5cd50b440ee3d07	Interlock	interlock Ransomware	TheRavenFile
2025-05-05 10:35	f73005682c1d90f4b3269483b687e891	Interlock	interlock Ransomware	TheRavenFile
2025-05-05 10:35	3104efb23ea174ac5eda9f5fd0e8c077	Interlock	interlock Ransomware	TheRavenFile