ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

545

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'675'117

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-05-04 07:28	frost.oceanblue.surf	ClearFake	ClearFake	Anonymous
2026-05-04 07:27	jump.powerdrift.surf	ClearFake	ClearFake	Anonymous
2026-05-04 07:27	195.226.92.129:27053	Unknown RAT	RAT SheetRAT	abuse_ch
2026-05-04 07:21	fast.powerdrift.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 07:17	ice.oceanblue.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 07:15	gwos.com	AsyncRAT	asyncrat	abuse_ch
2026-05-04 07:14	run.powerdrift.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 07:11	cold.oceanblue.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 07:08	8.156.34.194:1234	Cobalt Strike	CobaltStrike cs-watermark-391144938	abuse_ch
2026-05-04 07:08	101.37.174.115:2086	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-05-04 07:08	https://clickfixsim.carsonww.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 07:06	rush.darktrace.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 07:06	fire.powerdrift.surf	ClearFake	ClearFake	Anonymous
2026-05-04 07:05	phishing.xoilacks.tv	AsyncRAT	asyncrat	abuse_ch
2026-05-04 07:00	high.logicreef.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 06:58	kick.darktrace.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:55	www.xoilacca.tv	AsyncRAT	asyncrat	abuse_ch
2026-05-04 06:55	airy.logicreef.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 06:52	jump.darktrace.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:47	view.logicreef.surf	ClearFake	ClearFake	Anonymous
2026-05-04 06:46	fast.darktrace.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:41	blue.logicreef.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 06:41	run.darktrace.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:35	star.logicreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:35	fire.darktrace.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:30	sky.logicreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:30	high.rapidreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:24	airy.rapidreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:24	gear.pixelstep.surf	ClearFake	ClearFake	Anonymous
2026-05-04 06:20	https://login-microsoft-virtualpe.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	https://cp-studio.ch/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	https://bgczf55evwi7s3qddrsvw9.xyz/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	https://v-k.com.ua/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	https://carnaval-morat.ch/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	https://pure-sapphire-d1ytvv11gv-bf5ube4qq9.edgeone.app/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	109.120.150.67:8888	Unknown malware		BlinkzSec
2026-05-04 06:20	http://43.156.175.5:8888/supershell/login/	Unknown malware	AS132203 Supershell	antiphishorg
2026-05-04 06:20	43.156.175.5:8888	Unknown malware	AS132203 Supershell	antiphishorg
2026-05-04 06:20	https://perimeterteam.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	https://southernstarinvestments.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	https://rentuas.icu/	Lumma Stealer	c2 DLL-sideloading infostealer Lumma LummaC2 renengine	Anonymous
2026-05-04 06:20	https://hustlefitness.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-04 06:20	http://145.241.198.20/pages/login.php	Unknown malware	AS31898 Oracle Corporation UNAM	antiphishorg
2026-05-04 06:20	31.56.209.125:1999	Mirai	Mirai	seckle
2026-05-04 06:20	https://sites.google.com/view/version-0105	Unknown Stealer	InstallFix	ineffyble
2026-05-04 06:18	snap.pixelstep.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 06:11	dash.pixelstep.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 06:10	blue.rapidreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:04	mode.pixelstep.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 06:03	star.rapidreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:57	skip.pixelstep.surf	ClearFake	ClearFake	Anonymous
2026-05-04 05:57	sky.rapidreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:52	gear.boldpulse.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:52	echo.pixelstep.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 05:47	flow.nanologic.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 05:40	zeno.nanologic.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 05:40	dash.boldpulse.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:35	newremupdate.duckdns.org	Remcos	remcos	abuse_ch
2026-05-04 05:35	bolt.nanologic.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 05:34	mode.boldpulse.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:29	key.nanologic.surf	ClearFake	ClearFake	Anonymous
2026-05-04 05:28	skip.boldpulse.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:24	pure.nanologic.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:18	atom.nanologic.surf	ClearFake	ClearFake	Anonymous
2026-05-04 05:16	flow.magicstep.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:12	site.metadrive.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 05:10	zeno.magicstep.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:07	host.metadrive.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:04	bolt.magicstep.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 05:01	core.metadrive.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 04:53	gate.metadrive.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 04:51	pure.magicstep.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:44	edge.metadrive.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 04:43	atom.magicstep.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:39	apex.metadrive.surf	ClearFake	ClearFake	Anonymous
2026-05-04 04:32	node.cyberlayer.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:32	host.goldengate.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:27	beta.cyberlayer.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:27	core.goldengate.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:19	mobi.cyberlayer.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:19	gate.goldengate.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:13	grid.cyberlayer.surf	ClearFake	ClearFake	Anonymous
2026-05-04 04:13	edge.goldengate.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:08	sync.cyberlayer.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:07	apex.goldengate.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 04:02	nova.cyberlayer.surf	ClearFake	ClearFake	Anonymous
2026-05-04 04:02	node.urbanflux.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:56	omni.urbanpulse.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:56	beta.urbanflux.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:50	link.urbanpulse.surf	ClearFake	ClearFake	Anonymous
2026-05-04 03:50	mobi.urbanflux.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:42	byte.urbanpulse.surf	ClearFake	ClearFake	Anonymous
2026-05-04 03:42	grid.urbanflux.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:37	flux.urbanpulse.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 03:37	sync.urbanflux.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:31	zeta.urbanpulse.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:30	nova.urbanflux.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:23	vibe.urbanpulse.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 03:23	omni.silveraxis.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:18	mass.solidcore.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 03:17	link.silveraxis.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:11	byte.silveraxis.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:10	area.solidcore.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:05	flow.silveraxis.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 03:00	hard.solidcore.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 02:59	zeta.silveraxis.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:50	base.solidcore.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:50	vibe.silveraxis.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:44	rock.solidcore.surf	ClearFake	ClearFake	Anonymous
2026-05-04 02:41	fast.fira6dox.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:39	iron.solidcore.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 02:36	pure.fira6dox.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:33	wild.greenforest.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:30	blue.fira6dox.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:23	park.greenforest.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 02:22	view.fira6dox.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:15	wood.greenforest.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 02:14	sky.fira6dox.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:09	tree.greenforest.surf	ClearFake	ClearFake	Anonymous
2026-05-04 02:08	star.fira6dox.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 02:03	root.greenforest.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 02:03	upd.xano4mel.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:58	leaf.greenforest.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:57	site.xano4mel.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:52	wind.winterpeak.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:52	gate.xano4mel.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:46	base.xano4mel.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:46	zone.winterpeak.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 01:41	temp.winterpeak.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 01:40	edge.xano4mel.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:36	apex.xano4mel.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:35	frost.winterpeak.surf	ClearFake	ClearFake	Anonymous
2026-05-04 01:28	zoom.brix9qen.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:28	ice.winterpeak.surf	ClearFake	ClearFake	Anonymous
2026-05-04 01:22	cold.winterpeak.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:22	bolt.brix9qen.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:14	rush.rapidstorm.surf	ClearFake	ClearFake	Anonymous
2026-05-04 01:14	kick.brix9qen.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:09	gear.brix9qen.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 01:09	kick.rapidstorm.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 01:03	jump.rapidstorm.surf	ClearFake	ClearFake	Anonymous
2026-05-04 01:01	snap.brix9qen.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:56	dash.brix9qen.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:56	fast.rapidstorm.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 00:48	run.rapidstorm.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:48	host.gela1vor.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:43	fire.rapidstorm.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 00:42	link.gela1vor.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:35	core.gela1vor.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:32	high.brightreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:30	axis.gela1vor.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:17	bolt.gela1vor.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:16	airy.brightreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:11	proxy.gela1vor.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:08	view.brightreef.surf	ClearFake	ClearFake	threatcat_ch
2026-05-04 00:05	zeno.taro5lin.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-04 00:02	blue.brightreef.surf	ClearFake	4May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:59	wave.taro5lin.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:57	star.brightreef.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 23:55	spark.taro5lin.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:51	sky.brightreef.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 23:48	shift.taro5lin.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:43	gear.neonstream.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:43	macro.taro5lin.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:37	snap.neonstream.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:33	alpha.taro5lin.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:30	dash.neonstream.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:27	nx88.novi7xel.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:22	mode.neonstream.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 23:20	neon.novi7xel.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:14	skip.neonstream.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 23:14	ultra.novi7xel.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:08	echo.neonstream.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 23:08	trace.novi7xel.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 23:03	flow.purelogic.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 23:00	pulse.novi7xel.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:57	zeno.purelogic.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:55	delta.novi7xel.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:52	bolt.purelogic.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 22:49	logic.mira2tal.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:46	key.purelogic.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 22:44	point.mira2tal.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:40	pure.purelogic.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:36	mobi.mira2tal.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:32	atom.purelogic.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 22:31	tetra.mira2tal.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:25	site.digitaltide.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 22:23	quant.mira2tal.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:16	host.digitaltide.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 22:11	orbit.pavo8rex.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:11	core.digitaltide.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 22:02	gate.digitaltide.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 22:00	sonic.pavo8rex.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:57	edge.digitaltide.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:54	grid.pavo8rex.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:51	apex.digitaltide.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 21:49	atlas.pavo8rex.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:43	node.cyberdrift.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 21:43	sync.pavo8rex.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:37	beta.cyberdrift.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:37	beta.lena3qit.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:26	infra.lena3qit.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:25	mobi.cyberdrift.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:21	prime.lena3qit.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:09	grid.cyberdrift.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 21:07	flux.lena3qit.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 21:04	sync.cyberdrift.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 21:01	node.lena3qit.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:57	nova.cyberdrift.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:55	cyber.lena3qit.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:52	omni.quantumwave.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:50	omni.zori6mav.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:46	link.quantumwave.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 20:44	kilo.zori6mav.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:41	byte.quantumwave.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:39	vortex.zori6mav.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:33	flux.quantumwave.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 20:32	zeta.zori6mav.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:26	89.124.121.249:3001	XWorm	XWorm	abuse_ch
2026-05-03 20:25	zeta.quantumwave.surf	ClearFake	ClearFake	Anonymous
2026-05-03 20:20	vibe.quantumwave.surf	ClearFake	ClearFake	threatcat_ch
2026-05-03 20:19	pixel.zori6mav.surf	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:14	rush.andipfs.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:14	pixel.ratbasic.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:08	omni.ratbasic.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 20:08	kick.andipfs.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 20:04	vuufaahx.ass-ecuadorian.digital	ClearFake	ClearFake	Anonymous
2026-05-03 20:03	9bpjfhp7.ass-ecuadorian.digital	ClearFake	ClearFake	threatcat_ch
2026-05-03 20:02	jump.andipfs.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 19:56	fast.andipfs.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 19:55	nexus.ratbasic.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:50	run.andipfs.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 19:50	prime.ratbasic.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:46	https://pixeldizz.icu/ext.1067432eccd8.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:45	fire.andipfs.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 19:45	https://pixeldizz.icu/ext-b.99ce8c2d38f3.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:44	https://pixeldizz.icu/t.188cfd3975db.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:42	https://pixeldizz.icu/t.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:42	pixeldizz.icu	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:39	high.ipfsway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:39	kilo.ladboost.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:36	https://pixellanalit213.buzz/ext.1067432eccd8.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:35	https://pixellanalit213.buzz/ext-b.99ce8c2d38f3.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:35	https://pixellanalit213.buzz/t.188cfd3975db.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:34	https://pixellanalit213.buzz/t.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:34	pixellanalit213.buzz	Unknown malware	ClickFix EXT	HuntYethHounds
2026-05-03 19:33	airy.ipfsway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 19:33	proxy.ladboost.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:32	https://framesavecloudjs.beer/api/css.js	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-05-03 19:32	framesavecloudjs.beer	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-05-03 19:27	macro.ladboost.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:25	view.ipfsway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:21	point.ladboost.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:20	blue.ipfsway.lat	ClearFake	ClearFake	Anonymous
2026-05-03 19:16	logic.ladboost.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:14	star.ipfsway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 19:09	delta.ladboost.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:08	sky.ipfsway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 19:04	pulse.ashjunit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 19:03	gear.querytan.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 18:58	quant.ashjunit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:57	snap.querytan.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:52	orbit.ashjunit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:49	dash.querytan.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:44	mode.querytan.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 18:43	190.255.86.67:5012	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-03 18:43	190.255.86.67:5061	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-03 18:43	190.255.86.67:5123	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-03 18:43	190.255.86.67:5469	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-03 18:42	spark.ashjunit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:38	skip.querytan.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 18:36	shift.ashjunit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:32	echo.querytan.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 18:27	flux.vmesscab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:24	wave.radiomop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:21	zeno.vmesscab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:19	ultra.radiomop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:16	bolt.vmesscab.lat	ClearFake	ClearFake	Anonymous
2026-05-03 18:13	tetra.radiomop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:10	key.vmesscab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 18:08	pulse.radiomop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:04	pure.vmesscab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 18:02	neon.radiomop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:59	atom.vmesscab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:57	mass.lapatom.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:53	site.agocert.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 17:47	host.agocert.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:45	hard.lapatom.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:42	core.agocert.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:36	gate.agocert.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:34	rock.lapatom.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:30	edge.agocert.lat	ClearFake	ClearFake	Anonymous
2026-05-03 17:26	iron.lapatom.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:25	apex.agocert.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:21	wild.graphjoy.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:17	node.ipsetlap.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 17:14	park.graphjoy.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:11	beta.ipsetlap.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 17:06	mobi.ipsetlap.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:03	tree.graphjoy.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 17:01	grid.ipsetlap.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 16:55	sync.ipsetlap.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 16:52	leaf.graphjoy.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:49	nova.ipsetlap.lat	ClearFake	ClearFake	Anonymous
2026-05-03 16:46	wind.posixuse.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:42	axis.agilelid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 16:41	zone.posixuse.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:40	23.132.164.14:5000	Remcos	remcos	abuse_ch
2026-05-03 16:36	link.agilelid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 16:35	temp.posixuse.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:31	byte.agilelid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 16:30	frost.posixuse.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:23	flow.agilelid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 16:22	ice.posixuse.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:16	zeta.agilelid.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:15	cold.posixuse.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:10	vibe.agilelid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 16:09	mistmicrob.vertnop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:05	des1g-vector.toorout.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 16:04	83yy.vertnop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:59	reta-wave.woodfor.lat	ClearFake	ClearFake	Anonymous
2026-05-03 15:58	0gap.vertnop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:53	9wwp.woodfor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:53	proto-r3lay.vertnop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:47	5now-mount.woodfor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:47	quorvaleum.vertnop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:42	emjp1vs.woodfor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:41	99ommf.vertnop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:39	pack.nppacks.com	Unknown malware	Broomstick payload PhantomRaven	johannes
2026-05-03 15:39	hblnew.ecompk.com	Unknown malware	Broomstick payload PhantomRaven	johannes
2026-05-03 15:39	https://tomselman.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 15:36	u1tr4-scope.woodfor.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 15:35	036badz.vertnop.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:30	sunwinclub.eu.com	DarkComet	darkcomet	abuse_ch
2026-05-03 15:30	packagesca.woodfor.lat	ClearFake	ClearFake	Anonymous
2026-05-03 15:29	11x74.bordklo.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:24	9wk4ykk.woodfor.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 15:24	42zn40lr.bordklo.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:19	lmzrj5.yeldfor.lat	ClearFake	ClearFake	Anonymous
2026-05-03 15:19	geo-p1tch.bordklo.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:13	rnqb.yeldfor.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 15:12	vividali.bordklo.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:07	s0un-panel.yeldfor.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 15:07	westpeta.bordklo.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 15:02	forestoke.yeldfor.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 14:59	p568vhkv.bordklo.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:56	dynforgear1.yeldfor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:55	104.26.1.202:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 14:55	104.26.0.202:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 14:55	172.67.69.89:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 14:54	broshad.bordklo.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:50	http://zowork.duckdns.org/zo/index.php	Azorult	AZORult	abuse_ch
2026-05-03 14:48	lvhpvce.yeldfor.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 14:45	obser-guide.bookuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:45	104.21.92.179:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 14:45	172.67.197.20:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 14:45	104.21.8.159:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 14:45	172.67.139.179:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 14:39	handlprint.yeldfor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:39	xunsicg.bookuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:32	vvagon-index.poorbet.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:32	soundclosed.bookuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:26	pwev0y0.poorbet.lat	ClearFake	ClearFake	Anonymous
2026-05-03 14:26	hollowass.bookuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:19	1nspec-mark.poorbet.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:19	ch3ckp0-crest.bookuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:13	coveree.bookuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:12	quorforgeis5.poorbet.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 14:06	bchx.poorbet.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 14:06	monitor-graph.toorout.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:58	ac8oq.toorout.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:57	dispatcherpodcast.poorbet.lat	ClearFake	ClearFake	Anonymous
2026-05-03 13:50	nortspec.poorbet.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 13:44	sub-5h3l.toorout.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:42	pr1nt-plate.qantuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:37	meta-g3no.toorout.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:35	v1vid-sync.qantuni.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 13:31	f29i.toorout.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:30	192.238.184.250:558	ValleyRAT	valleyrat_s2	abuse_ch
2026-05-03 13:30	192.238.184.250:80	ValleyRAT	valleyrat_s2	abuse_ch
2026-05-03 13:30	trfsgysu28opask03.duckdns.org	Remcos	remcos	abuse_ch
2026-05-03 13:30	trfsgysu28opask04.duckdns.org	Remcos	remcos	abuse_ch
2026-05-03 13:30	trfsgysu28opask05.duckdns.org	Remcos	remcos	abuse_ch
2026-05-03 13:30	trfsgysu28opask06.duckdns.org	Remcos	remcos	abuse_ch
2026-05-03 13:30	downgradeload720fflie.duckdns.org	Remcos	remcos	abuse_ch
2026-05-03 13:28	wq278yz.qantuni.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 13:25	112.213.108.180:7788	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-05-03 13:25	192.238.184.250:557	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-05-03 13:25	http://62.109.13.128/Math/recordlog/pluginCamrulescreen/mobileCamcore/Pythonbin/PythontracePythondata/EternalVmlowApiflower.php	DCRat	dcrat RAT	abuse_ch
2026-05-03 13:25	http://allanhorca.temp.swtest.ru/1a26e1f6.php	DCRat	dcrat RAT	abuse_ch
2026-05-03 13:25	172.111.169.68:9702	Remcos	RAT RemcosRAT	abuse_ch
2026-05-03 13:21	k7zm2.qantuni.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 13:14	yhrjk4yd.qantuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:10	yzhf.qantuni.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:06	area.solidtechcore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 13:03	dynamicloc.qantuni.lat	ClearFake	ClearFake	Anonymous
2026-05-03 12:59	hard.solidtechcore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:57	wood-zone.weplord.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:53	base.solidtechcore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:45	x7abhl.weplord.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:44	80.78.22.41:783	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-03 12:44	49.232.90.5:18443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-03 12:44	45.227.253.121:51227	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-03 12:44	38.165.21.163:18443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-03 12:44	151.245.90.45:443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-03 12:44	ap.johamp.com	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-03 12:39	kelcoreet.weplord.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:36	iron.solidtechcore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:32	velvenor4.weplord.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 12:29	wind.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:24	moduleprime.weplord.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 12:16	merspirea.weplord.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:12	temp.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:10	talcrestex7.weplord.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 12:05	frost.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:03	clusteroasi.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:58	ice.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:57	vs2uc.wentgot.lat	ClearFake	ClearFake	Anonymous
2026-05-03 11:51	cold.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:50	runw2-flow.wentgot.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:45	high.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:44	indexlaunc.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:39	airy.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:37	urwiban.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:31	view.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:30	vel-nexon.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:24	rrjp7hig.wentgot.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:18	sky.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:17	solmarkis1.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:12	star.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:11	texg.klatren.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:05	rush.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:03	zen-venor.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 10:59	kick.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:57	kel-crestis.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 10:52	jump.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:50	mrky.klatren.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:45	fast.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:42	4ct1ve-point.klatren.lat	ClearFake	ClearFake	Anonymous
2026-05-03 10:37	run.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:35	tokenimport.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 10:30	fire.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:26	look.darkwinterlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:23	wild.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:19	great.wintercoldlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:16	park.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:13	last.solidstonecore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:09	wood.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:03	tree.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:56	root.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:52	poon.solidstonecore.lat	ClearFake	ClearFake	Anonymous
2026-05-03 09:49	leaf.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:45	qanti.solidstonecore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 09:42	gear.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:38	fast.magicflowpoint.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 09:32	pure.magicflowpoint.lat	ClearFake	ClearFake	Anonymous
2026-05-03 09:29	dash.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:25	blue.magicflowpoint.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:23	mode.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:18	view.magicflowpoint.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 09:12	sky.magicflowpoint.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:10	echo.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:03	star.magicflowpoint.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:03	nx99.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:57	upd.wintercoldlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:57	zeno.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:50	site.wintercoldlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:49	bolt.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:43	46.151.182.148:25608	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-03 08:43	gate.wintercoldlab.lat	ClearFake	ClearFake	Anonymous
2026-05-03 08:43	217.145.226.192:7747	DCRat	dcrat drb-ra RAT	abuse_ch
2026-05-03 08:43	182.23.2.163:18569	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-03 08:43	159.69.90.48:4321	AdaptixC2	AdaptixC2 drb-ra	abuse_ch
2026-05-03 08:42	key.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:37	base.wintercoldlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:36	pure.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:30	edge.wintercoldlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:29	atom.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:23	apex.wintercoldlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:23	site.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:17	zoom.brightskycore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:16	host.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:10	bolt.brightskycore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:10	core.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:03	kick.brightskycore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:03	gate.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:57	gear.brightskycore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:57	edge.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:48	snap.brightskycore.lat	ClearFake	ClearFake	Anonymous
2026-05-03 07:47	apex.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:41	dash.brightskycore.lat	ClearFake	ClearFake	Anonymous
2026-05-03 07:35	host.darkstonebase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:34	beta.cyberpulsehub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:33	https://uniaocasings.com.br/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:33	https://www.weddingcarsshrewsbury.co.uk/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:33	abramo8a.ru	magecart	Magecart	Localhost
2026-05-03 07:33	acint.net	magecart	Magecart	Localhost
2026-05-03 07:33	176.65.139.131:1999	Mirai	Mirai	seckle
2026-05-03 07:33	69sexy.duckdns.org	Mirai	Mirai	seckle
2026-05-03 07:33	platform.isystemservices.com	FAKEUPDATES	SocGholish	varysz
2026-05-03 07:33	203.96.177.124:443	SmartApeSG	ClickFix Shock-Hosting SmartApeSG	Lenny_3BO
2026-05-03 07:33	0ae3916addf8682d9b571a8602b1936eb2afd095872246fa9417223edad697f8	SmartApeSG	ClickFix powershell SmartApeSG stager	Lenny_3BO
2026-05-03 07:33	webmail.mentalpainandtrauma.com	FAKEUPDATES	SocGholish	varysz
2026-05-03 07:33	http://simplisticpride.com	FAKEUPDATES	fakeupdate	Localhost
2026-05-03 07:33	tcp://45.92.1.50/rondo.dus	Unknown malware	honeypot	greedybear
2026-05-03 07:33	https://thedragonyear.com/en/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:33	cpanel.ladytress.com	FAKEUPDATES	SocGholish	monitorsg
2026-05-03 07:33	45.153.34.107:54984	Nanocore RAT	Nancrat NanoCore NanoCore RAT	whoamix302
2026-05-03 07:33	192.109.200.124:54984	Nanocore RAT	Nancrat NanoCore NanoCore RAT	whoamix302
2026-05-03 07:33	185.220.205.80:54984	Nanocore RAT	Nancrat NanoCore NanoCore RAT	whoamix302
2026-05-03 07:33	120.221.87.198:10001	Xtreme RAT	ExtRat Xtreme RAT	whoamix302
2026-05-03 07:33	87.120.126.60:80	Stealc	Stealc	whoamix302
2026-05-03 07:33	170.64.177.194:31337	Sliver	sliver	whoamix302
2026-05-03 07:33	151.59.150.189:8080	SectopRAT	1xxbot ArechClient SectopRAT	whoamix302
2026-05-03 07:33	172.245.195.206:443	Remcos	remcos RemcosRAT Remvio Socmer	whoamix302
2026-05-03 07:33	110.37.35.199:41800	Mozi	Mozi	whoamix302
2026-05-03 07:33	47.239.118.144:8443	GobRAT	GobRAT	whoamix302
2026-05-03 07:33	147.45.197.92:443	GhostSocks	GhostSocks	whoamix302
2026-05-03 07:32	https://zorbit.online/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://trophyburrita.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://trucybersec.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://viethuonggroup.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.vocearomilor.ro/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.vla.academy/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://waltonpalmeronline.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.wswarchitects.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://wpcentral.app/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://weppa.cloud/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://x-print.gr/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://wedevall.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://watergroupsystems.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	default-configuration.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	https://websis.lv/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	260120.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	vscode-settings-bootstrap.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	vscode-settings-config.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	https://xn--80aa2bek9a.xn--p1ai/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://weddingcarsshropshire.co.uk/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.panarrofoods.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.uniqueprime.com.br/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://imifondamental.be/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.edencare.co.il/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://mcliokays.co.zw/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	vscode-bootstrapper.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	vscode-load-config.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes