ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.


516

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'689'019

IOCs in corpus


Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

  • ioc:ms-debug-services.com ( run)
  • malware:CobaltStrike ( run)
  • tag:TA505 ( run)
  • threat_type:cc_skimming ( run)
  • uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)IOCMalwareTagsReporter
2025-11-26 02:18cd2424e55fdcba12cd9ddda9c8c2b283 Medusa Grim
2025-11-26 02:18c966ace15bece19a119231dfaa2494f14200647fc7cb225667fb22cbb41436fd Medusa Grim
2025-11-26 02:181bebe5278bee9c8ad73522685bf8562f83fd9f46 Medusa Grim
2025-10-14 00:34cb28fedb96c71cfb4e5b6a0965ef25d2 Medusa Grim
2025-10-14 00:3484cc889ff7286bccfe7d76a92565a8c1404cfee4fd6cfb22139ddaa5c11d9508 Medusa Grim
2025-10-14 00:34f9a57a16a04586593a98ea4b5256b3510a59682b Medusa Grim
2025-10-02 23:44361c72e2042e5a0ede485b743e1708b2 MedusaLocker Grim
2025-10-02 23:44183e9d0d23ee006d5172ba32d0237b853adf1ed98bc318dc5ee5e1f8fb62b334 MedusaLocker Grim
2025-10-02 23:44c0ce83bd865263fdf2cde83893cbdba92adc0491 MedusaLocker Grim
2025-06-26 13:17https://twitter.com/doplghas Medusac2 Medusa juroots
2025-06-26 13:17https://t.me/zedezededeed Medusac2 Medusa juroots
2025-06-26 13:17https://icq.im/AoLH5bRXfAE6eCtbw1I Medusac2 Medusa juroots
2025-04-30 06:4184b88ac81e4872ff3bf15c72f431d101 MedusaLockermedusalocker Ransomware TheRavenFile
2025-04-30 06:41f257d37c05d29e725071a900ef49f1c9 MedusaLockermedusalocker Ransomware TheRavenFile
2025-04-30 06:4147386ee20a6a94830ee4fa38b419a6f7 MedusaLockermedusalocker Ransomware TheRavenFile
2025-04-30 06:41d0706d40e65e2dc6452c2279a4ab882c MedusaLockermedusalocker Ransomware TheRavenFile
2025-04-30 06:18983a20479a281a182d33b75c0945e447 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:18dc344328208c3481587d0aab1005fcdd MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:184fe99e5dc101170750d8ece6ea066155 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:1810911494fa52daee0279972f91fded01 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:1824ccd142ff83e8622f00f5443ea5cb2d MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:18a6980e543efa40771ed1dcf84b29d732 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:18a162a5c5ab72b3783215f52b9edc3680 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:18600371ebab1e29429f06a5b1909056e5 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:170067679c7033139bcbb273840494b324 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:17f05b57cdc3420acc359efe9e4941c428 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:17ec5b1a6de3564c26c4e0e804e6bc2ecb MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:17602d720f1184d2ad739568cbf6403331 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:170168a4daa9598e991e140057e59438f6 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:176be23d5a1ff1e9cbe99fe7f7c49a5607 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:17e874240a53fc353bc770f507445cc061 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:17eb46bc3e2ad88149176ef33c9fea087a MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:17bdf6ac02664baea655b103d50bdfd6ec MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:17bd29231bc4f2c6d2f22fa026e2eaca40 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:176b0631f823e171da4b7e9350f61a0536 MedusaMedusa Ransomware TheRavenFile
2025-04-30 06:1749b53d3c715ec879efeb51d386b9d923 MedusaMedusa Ransomware TheRavenFile
2025-01-27 13:53https://t.me/pempeppepepep Medusac2 Medusa juroots
2025-01-27 13:53https://icq.im/AoLH58pXY8ejJTQiWg8 Medusac2 Medusa juroots
2025-01-27 13:53https://t.me/xpembeppep2p2 Medusac2 Medusa juroots
2025-01-12 10:47https://t.me/anbshbb Medusac2 Medusa juroots
2025-01-12 10:47https://t.me/anbshaa Medusac2 Medusa juroots
2025-01-12 10:47https://t.me/anbsh26 Medusac2 Medusa juroots
2024-09-30 17:126b287c9921ea403a4276aeafd7d2d99a Medusa pitachu
2024-09-30 17:12fd4e44ad4498f6f7f0462cf33d28f806b0f70a37 Medusa pitachu
2024-09-30 17:12ad97778e3b922b7766712be17d309974fa92dd9dacf088ecd06b1d3cda049a64 Medusa pitachu
2024-06-21 06:37wizarr.manate.ch Medusa johannes
2024-06-21 06:37go-sw6-02.adventos.de Medusa johannes
2023-11-01 04:055.182.87.27:80 Medusa malpulse
2023-10-28 21:5178.141.239.24:80 Medusa malpulse
2023-10-28 21:5179.137.207.44:80 Medusa malpulse
2023-10-28 21:51109.107.181.169:80 Medusa malpulse
2023-10-28 21:51178.236.246.39:80 Medusa malpulse
2023-10-28 21:5120.0.25.177:80 Medusa malpulse
2023-10-28 21:5145.150.65.121:80 Medusa malpulse
2023-10-28 21:518.217.23.144:80 Medusa malpulse
2023-10-28 21:51212.118.52.90:80 Medusa malpulse
2023-10-28 21:51185.26.239.246:81 Medusa malpulse
2023-10-28 21:51178.236.247.9:80 Medusa malpulse
2023-10-28 21:5195.181.173.181:80 Medusa malpulse
2023-10-26 16:48185.106.94.31:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:4885.192.63.65:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:36193.233.133.81:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:36146.70.161.13:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:3677.105.147.136:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:36212.113.116.56:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:3689.185.85.132:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:3695.181.173.235:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:3695.181.173.8:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:3695.181.173.233:80 MedusaMedusa ViriBack abuse_ch
2023-10-26 16:3689.185.85.34:80 MedusaMedusa ViriBack abuse_ch
2023-07-23 09:0045.15.157.16:80 MedusaMedusa ViriBack abuse_ch
2023-07-20 07:00193.233.133.97:80 MedusaMedusa ViriBack abuse_ch
2023-07-17 21:005.42.78.61:80 MedusaMedusa ViriBack abuse_ch
2023-07-15 18:4879.137.202.24:80 MedusaMedusa ViriBack abuse_ch
2023-07-15 01:1289.208.107.158:80 MedusaMedusa ViriBack abuse_ch
2023-07-15 01:12193.233.133.243:80 MedusaMedusa ViriBack abuse_ch
2023-07-15 01:12193.233.133.153:80 MedusaMedusa ViriBack abuse_ch
2023-07-15 01:1279.137.207.226:80 MedusaMedusa ViriBack abuse_ch
2023-07-09 06:4979.137.199.199:15666 MedusaMeduza stealer ViaPrivateLoader g0njxa
2023-06-30 06:24162.33.179.114:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:2479.137.199.199:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:2489.208.103.72:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:2477.105.146.254:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:2464.52.80.13:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:2477.105.147.1:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:24193.233.133.198:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:245.61.49.177:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:24185.112.83.36:80 MedusaMedusa ViriBack abuse_ch
2023-06-30 06:24185.46.46.133:80 MedusaMedusa ViriBack abuse_ch
2023-06-19 12:2977.105.147.140:80 MedusaMedusaStealer abuse_ch
2023-06-19 12:2977.105.147.140:15666 MedusaMedusaStealer abuse_ch
2021-03-29 11:304dd950fcdcd8483ec9346b4a5214931134975c439cf463daa3a0518cfc5db9a6 MedusaLockermedusalocker Virus_Deck
2021-03-29 11:3038ad791e5f0df27a55116ec18f2c31cc41feaaf7d235d85497a6cfa39ebfbebb MedusaLockermedusalocker Virus_Deck
2021-03-29 11:308894becff9f3ebc9c2d734b5f3341fd73017ef3bd42c2a40008b3325586cd0ee MedusaLockermedusalocker Virus_Deck
2021-03-29 11:30613f0384286bf9956143e5cd7f885cc9b2cf30acaab2fe67a891ff26aaa162fc MedusaLockermedusalocker Virus_Deck