ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

459

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'674'704

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-05-03 12:05	frost.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 12:03	clusteroasi.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:58	ice.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:57	vs2uc.wentgot.lat	ClearFake	ClearFake	Anonymous
2026-05-03 11:51	cold.winterstormhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:50	runw2-flow.wentgot.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:45	high.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:44	indexlaunc.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:39	airy.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:37	urwiban.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:31	view.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:30	vel-nexon.wentgot.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:24	rrjp7hig.wentgot.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:18	sky.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:17	solmarkis1.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 11:12	star.brightflowsite.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:11	texg.klatren.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:05	rush.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 11:03	zen-venor.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 10:59	kick.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:57	kel-crestis.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 10:52	jump.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:50	mrky.klatren.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:45	fast.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:42	4ct1ve-point.klatren.lat	ClearFake	ClearFake	Anonymous
2026-05-03 10:37	run.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:35	tokenimport.klatren.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 10:30	fire.redstonenova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:26	look.darkwinterlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:23	wild.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:19	great.wintercoldlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:16	park.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:13	last.solidstonecore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:09	wood.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 10:03	tree.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:56	root.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:52	poon.solidstonecore.lat	ClearFake	ClearFake	Anonymous
2026-05-03 09:49	leaf.greenlogiclab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:45	qanti.solidstonecore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 09:42	gear.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:38	fast.magicflowpoint.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 09:32	pure.magicflowpoint.lat	ClearFake	ClearFake	Anonymous
2026-05-03 09:29	dash.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:25	blue.magicflowpoint.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:23	mode.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:18	view.magicflowpoint.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 09:12	sky.magicflowpoint.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:10	echo.techdriftway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:03	star.magicflowpoint.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 09:03	nx99.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:57	upd.wintercoldlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:57	zeno.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:50	site.wintercoldlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:49	bolt.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:43	46.151.182.148:25608	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-03 08:43	gate.wintercoldlab.lat	ClearFake	ClearFake	Anonymous
2026-05-03 08:43	217.145.226.192:7747	DCRat	dcrat drb-ra RAT	abuse_ch
2026-05-03 08:43	182.23.2.163:18569	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-03 08:43	159.69.90.48:4321	AdaptixC2	AdaptixC2 drb-ra	abuse_ch
2026-05-03 08:42	key.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:37	base.wintercoldlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:36	pure.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:30	edge.wintercoldlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:29	atom.quantumbase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:23	apex.wintercoldlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:23	site.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:17	zoom.brightskycore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:16	host.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:10	bolt.brightskycore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 08:10	core.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:03	kick.brightskycore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 08:03	gate.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:57	gear.brightskycore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:57	edge.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:48	snap.brightskycore.lat	ClearFake	ClearFake	Anonymous
2026-05-03 07:47	apex.infrawavepro.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:41	dash.brightskycore.lat	ClearFake	ClearFake	Anonymous
2026-05-03 07:35	host.darkstonebase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:34	beta.cyberpulsehub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:33	https://uniaocasings.com.br/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:33	https://www.weddingcarsshrewsbury.co.uk/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:33	abramo8a.ru	magecart	Magecart	Localhost
2026-05-03 07:33	acint.net	magecart	Magecart	Localhost
2026-05-03 07:33	176.65.139.131:1999	Mirai	Mirai	seckle
2026-05-03 07:33	69sexy.duckdns.org	Mirai	Mirai	seckle
2026-05-03 07:33	platform.isystemservices.com	FAKEUPDATES	SocGholish	varysz
2026-05-03 07:33	203.96.177.124:443	SmartApeSG	ClickFix Shock-Hosting SmartApeSG	Lenny_3BO
2026-05-03 07:33	0ae3916addf8682d9b571a8602b1936eb2afd095872246fa9417223edad697f8	SmartApeSG	ClickFix powershell SmartApeSG stager	Lenny_3BO
2026-05-03 07:33	webmail.mentalpainandtrauma.com	FAKEUPDATES	SocGholish	varysz
2026-05-03 07:33	http://simplisticpride.com	FAKEUPDATES	fakeupdate	Localhost
2026-05-03 07:33	tcp://45.92.1.50/rondo.dus	Unknown malware	honeypot	greedybear
2026-05-03 07:33	https://thedragonyear.com/en/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:33	cpanel.ladytress.com	FAKEUPDATES	SocGholish	monitorsg
2026-05-03 07:33	45.153.34.107:54984	Nanocore RAT	Nancrat NanoCore NanoCore RAT	whoamix302
2026-05-03 07:33	192.109.200.124:54984	Nanocore RAT	Nancrat NanoCore NanoCore RAT	whoamix302
2026-05-03 07:33	185.220.205.80:54984	Nanocore RAT	Nancrat NanoCore NanoCore RAT	whoamix302
2026-05-03 07:33	120.221.87.198:10001	Xtreme RAT	ExtRat Xtreme RAT	whoamix302
2026-05-03 07:33	87.120.126.60:80	Stealc	Stealc	whoamix302
2026-05-03 07:33	170.64.177.194:31337	Sliver	sliver	whoamix302
2026-05-03 07:33	151.59.150.189:8080	SectopRAT	1xxbot ArechClient SectopRAT	whoamix302
2026-05-03 07:33	172.245.195.206:443	Remcos	remcos RemcosRAT Remvio Socmer	whoamix302
2026-05-03 07:33	110.37.35.199:41800	Mozi	Mozi	whoamix302
2026-05-03 07:33	47.239.118.144:8443	GobRAT	GobRAT	whoamix302
2026-05-03 07:33	147.45.197.92:443	GhostSocks	GhostSocks	whoamix302
2026-05-03 07:32	https://zorbit.online/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://trophyburrita.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://trucybersec.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://viethuonggroup.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.vocearomilor.ro/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.vla.academy/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://waltonpalmeronline.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.wswarchitects.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://wpcentral.app/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://weppa.cloud/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://x-print.gr/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://wedevall.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://watergroupsystems.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	default-configuration.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	https://websis.lv/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	260120.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	vscode-settings-bootstrap.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	vscode-settings-config.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	https://xn--80aa2bek9a.xn--p1ai/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://weddingcarsshropshire.co.uk/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.panarrofoods.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.uniqueprime.com.br/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://imifondamental.be/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://www.edencare.co.il/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	https://mcliokays.co.zw/	Unknown malware	ClickFix	CarsonWilliams
2026-05-03 07:32	vscode-bootstrapper.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:32	vscode-load-config.vercel.app	Unknown malware	InvisibleFerret polinrider	johannes
2026-05-03 07:27	sp1.gstats-api-coni.co	Unknown malware	ZigClipper	abuse_ch
2026-05-03 07:27	gstats-api-coni.co	Unknown malware	ZigClipper	abuse_ch
2026-05-03 07:26	link.darkstonebase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:26	mobi.cyberpulsehub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:20	2.27.122.127:443	EtherRAT	EtherRat RAT	abuse_ch
2026-05-03 07:19	core.darkstonebase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:19	grid.cyberpulsehub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:13	axis.darkstonebase.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 07:06	bolt.darkstonebase.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 07:05	nova.cyberpulsehub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 06:59	proxy.darkstonebase.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 06:59	byte.cryptonodex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 06:53	zeno.goldenleafway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 06:52	axis.cryptonodex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 06:46	wave.goldenleafway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 06:46	flow.cryptonodex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 06:40	spark.goldenleafway.lat	ClearFake	ClearFake	Anonymous
2026-05-03 06:32	shift.goldenleafway.lat	ClearFake	ClearFake	Anonymous
2026-05-03 06:32	zeta.cryptonodex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 06:24	macro.goldenleafway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 06:16	alpha.goldenleafway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 06:12	fast.tari8lax.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 06:09	nx44.silverwoodhub.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 06:04	pure.tari8lax.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:59	neon.silverwoodhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:57	blue.tari8lax.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:47	ultra.silverwoodhub.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 05:47	view.tari8lax.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:39	trace.silverwoodhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:39	sky.tari8lax.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:32	pulse.silverwoodhub.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:32	star.tari8lax.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:24	delta.silverwoodhub.lat	ClearFake	ClearFake	Anonymous
2026-05-03 05:22	upd.rulo2vex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:17	logic.oceanstormview.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:14	site.rulo2vex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:07	point.oceanstormview.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 05:07	gate.rulo2vex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:59	edge.oceanstormview.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 04:58	base.rulo2vex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:55	mfjgp.sa.com	Nanocore RAT	NanoCore	abuse_ch
2026-05-03 04:52	tetra.oceanstormview.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 04:51	edge.rulo2vex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:50	104.21.72.108:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 04:50	172.67.181.172:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-05-03 04:44	apex.rulo2vex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:44	quant.oceanstormview.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 04:36	meta.oceanstormview.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 04:36	zoom.fena7dor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:28	bolt.fena7dor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:28	orbit.urbanlogicgrid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 04:21	byte.urbanlogicgrid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 04:20	kick.fena7dor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:15	https://guardsoncall.us/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-03 04:13	sonic.urbanlogicgrid.lat	ClearFake	ClearFake	Anonymous
2026-05-03 04:12	gear.fena7dor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 04:05	grid.urbanlogicgrid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 04:05	snap.fena7dor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:56	atlas.urbanlogicgrid.lat	ClearFake	ClearFake	Anonymous
2026-05-03 03:56	dash.fena7dor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:48	sync.urbanlogicgrid.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:48	host.xori3mav.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:40	link.xori3mav.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:38	beta.rapidfirepixel.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 03:34	core.xori3mav.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:31	infra.rapidfirepixel.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 03:26	axis.xori3mav.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:23	prime.rapidfirepixel.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:15	https://ratan-sajan.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-03 03:11	flux.rapidfirepixel.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 03:06	node.rapidfirepixel.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 03:03	zeno.bela6qit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 03:00	cyber.rapidfirepixel.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 02:58	wave.bela6qit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:52	omni.starlightnova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:52	spark.bela6qit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:43	shift.bela6qit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:39	kilo.starlightnova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:37	macro.bela6qit.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:34	vortex.starlightnova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:26	zeta.starlightnova.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 02:26	nx22.nexo5mir.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:19	pulse.starlightnova.lat	ClearFake	ClearFake	Anonymous
2026-05-03 02:18	neon.nexo5mir.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:15	https://ushiftpro.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-03 02:13	mobi.starlightnova.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:13	ultra.nexo5mir.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:07	mass.solidstonecore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:07	trace.nexo5mir.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 02:01	area.solidstonecore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 01:56	hard.solidstonecore.lat	ClearFake	ClearFake	Anonymous
2026-05-03 01:55	delta.nexo5mir.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:51	base.solidstonecore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 01:50	logic.puro2tal.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:45	rock.solidstonecore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 01:44	point.puro2tal.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:39	iron.solidstonecore.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:39	mobi.puro2tal.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:31	tetra.puro2tal.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:31	temp.darkwinterlab.lat	ClearFake	ClearFake	Anonymous
2026-05-03 01:25	site.darkwinterlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 01:25	quant.puro2tal.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:19	zone.darkwinterlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 01:19	meta.puro2tal.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:13	orbit.sena9vix.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:09	frost.darkwinterlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:07	byte.sena9vix.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:04	ice.darkwinterlab.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 01:02	sonic.sena9vix.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:56	cold.darkwinterlab.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 00:50	high.brightskyway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 00:50	atlas.sena9vix.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:44	sync.sena9vix.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:44	airy.brightskyway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 00:38	view.brightskyway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:38	beta.lami4qor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:31	star.brightskyway.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 00:30	infra.lami4qor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:25	blue.brightskyway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:25	prime.lami4qor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:19	wing.brightskyway.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:19	flux.lami4qor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:14	park.greenforesthub.lat	ClearFake	ClearFake	threatcat_ch
2026-05-03 00:08	cyber.lami4qor.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-03 00:07	wild.greenforesthub.lat	ClearFake	ClearFake	Anonymous
2026-05-03 00:02	wood.greenforesthub.lat	ClearFake	ClearFake	Anonymous
2026-05-03 00:01	omni.vori7nex.lat	ClearFake	3May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:56	tree.greenforesthub.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:56	kilo.vori7nex.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:50	root.greenforesthub.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 23:50	vortex.vori7nex.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:44	leaf.greenforesthub.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:44	zeta.vori7nex.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:38	drift.vori7nex.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:38	rich.magicgoldlogic.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 23:33	vault.magicgoldlogic.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 23:25	coin.magicgoldlogic.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:22	7okxzj.heavier-plumage.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:18	key.magicgoldlogic.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:15	secrvol.heavier-plumage.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:10	pure.magicgoldlogic.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:07	ycqkw.heavier-plumage.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 23:03	atom.magicgoldlogic.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:59	vorcorear1.heavier-plumage.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:55	dash.boldfirestep.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 22:52	pr1n-phase.heavier-plumage.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:47	kick.boldfirestep.lat	ClearFake	ClearFake	Anonymous
2026-05-02 22:43	lumnexor6.heavier-plumage.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:40	jump.boldfirestep.lat	ClearFake	ClearFake	Anonymous
2026-05-02 22:36	k69qq.heavier-plumage.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:32	fast.boldfirestep.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 22:29	t3rrnina-mark.impo7tervicin.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:24	run.boldfirestep.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:21	solcoreex.impo7tervicin.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:17	fe.boldfirestep.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:13	fire.boldfirestep.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 22:13	3ni72dru.impo7tervicin.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:06	c4rg-forge.impo7tervicin.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 22:06	salt.oceanwavepoint.lat	ClearFake	ClearFake	Anonymous
2026-05-02 21:59	deep.oceanwavepoint.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:58	road-spark.impo7tervicin.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:46	reef.oceanwavepoint.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 21:44	neo-dep1.impo7tervicin.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:38	tide.oceanwavepoint.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:36	geo-5andbo.impo7tervicin.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:31	surf.oceanwavepoint.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:28	tgizmv1.strangle-snup.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:19	jazz.oceanwavepoint.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 21:19	sarnpl39-vault.strangle-snup.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 21:07	gate.urbanflowbase.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 20:59	host.urbanflowbase.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:53	zmi48wzh.strangle-snup.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:48	mode.urbanflowbase.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:45	wzcg8.strangle-snup.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:44	34.124.142.136:443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 20:44	34.124.142.136:80	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 20:44	203.160.54.22:8443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 20:44	195.123.220.237:2053	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 20:44	165.154.22.163:80	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 20:44	h67as5d5x.m6p3wca1.cc	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 20:40	apex.urbanflowbase.lat	ClearFake	ClearFake	Anonymous
2026-05-02 20:38	trifluxor.strangle-snup.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:32	skip.urbanflowbase.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 20:30	vialoak.jumping5table.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:24	echo.urbanflowbase.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 20:22	clie-route.jumping5table.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:15	sync.powertechlink.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 20:14	verif5-loop.jumping5table.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 20:07	byte.powertechlink.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 20:07	power-bran.jumping5table.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:59	neon.powertechlink.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 19:59	anchortru.jumping5table.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:51	grid.powertechlink.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:51	rockguid.jumping5table.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:44	zeta.powertechlink.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:44	stac9-chain.jumping5table.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:36	nova.powertechlink.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:36	hyper-t35t.serious-substance.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:29	nx88.silvermoonlight.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:28	caveapi.serious-substance.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:19	zeno.silvermoonlight.lat	ClearFake	ClearFake	Anonymous
2026-05-02 19:19	bkqno.serious-substance.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:11	flux.silvermoonlight.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 19:11	trigge-spool.serious-substance.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:04	falconbrave.serious-substance.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 19:04	axis.silvermoonlight.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 18:52	bolt.silvermoonlight.lat	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 18:43	64.188.71.230:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-02 18:43	57.158.26.13:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-02 18:43	38.147.173.24:8562	AdaptixC2	AdaptixC2 drb-ra	abuse_ch
2026-05-02 18:43	vibe.silvermoonlight.lat	ClearFake	ClearFake	threatcat_ch
2026-05-02 18:43	186.169.82.230:4343	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-02 18:43	185.195.66.182:443	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-02 18:43	165.245.172.175:8443	Evilginx	drb-ra EvilGinx EvilGoPhish	abuse_ch
2026-05-02 18:43	kel-crestis.serious-substance.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 18:43	157.230.26.61:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-02 18:43	137.220.137.67:6606	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-02 18:43	137.220.137.67:8808	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-02 18:43	134.122.99.247:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-02 18:43	107.175.113.200:11240	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-02 18:35	0rgan3-port.gabard-viewed.surf	ClearFake	ClearFake	Anonymous
2026-05-02 18:33	lagoo-beam.indulgence5crimp.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 18:27	sub-c0ve.gabard-viewed.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 18:25	r1ch3-watch.indulgence5crimp.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 18:20	36qgwr.gabard-viewed.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 18:17	arkcrestet5.indulgence5crimp.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 18:15	https://thrivehub.ng/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 18:12	motifroy.gabard-viewed.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 18:10	un1t-glow.indulgence5crimp.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 18:04	p1a5m2-cast.gabard-viewed.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:57	broad-royal.gabard-viewed.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 17:54	kxm6g.indulgence5crimp.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:49	buildsprout.gabard-viewed.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 17:46	lumforge9al.indulgence5crimp.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:41	vormesh8or.breadpotho1e.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 17:39	depot8-frame.snort-uharsky.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:34	p5dyz1.breadpotho1e.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 17:31	kernelarray.snort-uharsky.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:26	0gf8.breadpotho1e.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 17:23	jlgdcr.snort-uharsky.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:18	rq6yosv.breadpotho1e.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 17:16	dynamicnot.snort-uharsky.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:10	gj5n.breadpotho1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:08	waveclean.snort-uharsky.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 17:03	summitdawn.breadpotho1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:55	wildlan.breadpotho1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:53	courdisp.snort-uharsky.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:48	ultrafal.notice-ohlamon.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:45	kelmeshet6.ann0uncedwhiner.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:40	merfluxar4.notice-ohlamon.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 16:38	gtq976n.ann0uncedwhiner.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:32	82db.notice-ohlamon.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 16:30	velvetgatew.ann0uncedwhiner.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:25	bala6-forge.notice-ohlamon.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 16:15	jvtu4ew.notice-ohlamon.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 16:15	https://theeventprinter.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 16:14	vhngykcu.ann0uncedwhiner.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 16:03	grid-relay.notice-ohlamon.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 16:00	sol-markum.ann0uncedwhiner.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:53	rai1-cache.notice-ohlamon.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 15:53	gkit1b32.ann0uncedwhiner.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:45	moral-reach.inconprofitab1e.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 15:45	crim-branch.despot-unfolded.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:38	tqdgt.inconprofitab1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:38	0akhfy37.despot-unfolded.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:30	pr4iri-point.inconprofitab1e.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 15:29	9dzz.despot-unfolded.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:22	memor-prim.inconprofitab1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:21	crystaldep.despot-unfolded.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:15	cavemodu.inconprofitab1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:15	https://delarosaobrasyservicios.es/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 15:15	https://ivoryseguros.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 15:14	yngzhbe.despot-unfolded.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:07	uclq1my.inconprofitab1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:06	arkmarkar.despot-unfolded.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 15:00	lumflux3ar.inconprofitab1e.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:49	gr4nd4-node.family-man.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 14:47	qu3ry1-line.col7ecapture.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:44	47.101.172.178:443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 14:44	38.207.176.96:8520	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 14:44	23.235.186.164:7887	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 14:44	23.248.204.162:7887	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 14:44	23.248.236.163:7887	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 14:44	safeaxis.xyz	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 14:43	cdn.project-eagle-2025.xyz	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-02 14:42	revie-ring.family-man.surf	ClearFake	ClearFake	Anonymous
2026-05-02 14:39	ca5t-mesh.col7ecapture.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:34	glosuppl.family-man.surf	ClearFake	ClearFake	Anonymous
2026-05-02 14:31	retainerquick.col7ecapture.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:27	norcrest6ex.family-man.surf	ClearFake	ClearFake	Anonymous
2026-05-02 14:23	mvgw.col7ecapture.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:19	handlerric.family-man.surf	ClearFake	ClearFake	Anonymous
2026-05-02 14:15	d4rk-array.col7ecapture.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:15	https://homecrux.com.au/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 14:15	https://diplomaticproperties.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 14:12	vxxyant.family-man.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 14:08	cbgrnuxq.col7ecapture.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:04	k3rn9-spark.family-man.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 14:00	atomfil.col7ecapture.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 13:56	desi3-route.fina1vrub.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 13:53	mamx.koltdark.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 13:48	quor-coreix.fina1vrub.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 13:44	zet.westrock.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 13:41	thicketswift.fina1vrub.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 13:33	dynamiccom.fina1vrub.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 13:25	agentairw.fina1vrub.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 13:15	vellithon1.fina1vrub.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 13:15	https://edencare.co.il/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 13:15	https://careprovideralliance.org.uk/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 13:15	https://panarrofoods.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 13:08	1uxjjv36.fina1vrub.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 13:00	f1310.saget-sly.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 12:52	3gwd.saget-sly.surf	ClearFake	ClearFake	Anonymous
2026-05-02 12:45	enginetone.saget-sly.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 12:33	tokentrav.saget-sly.surf	ClearFake	ClearFake	threatcat_ch
2026-05-02 12:32	etasyncuaudg02c.hustrock.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 12:25	gofent.za.com	DarkComet	darkcomet	abuse_ch
2026-05-02 12:25	88aa.institute	DarkComet	darkcomet	abuse_ch
2026-05-02 12:24	fl3e-wave.saget-sly.surf	ClearFake	ClearFake	Anonymous
2026-05-02 12:23	mondewyg1wkv9.hustrock.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 12:20	https://americoq.cyou	Lumma Stealer	Lumma	abuse_ch
2026-05-02 12:16	thetaiotrm9nz.hustrock.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 12:16	labelfjo.saget-sly.surf	ClearFake	ClearFake	Anonymous
2026-05-02 12:15	91.92.243.45:7070	XWorm	XWorm	abuse_ch
2026-05-02 12:15	https://savrn.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-02 12:08	5wq7m.saget-sly.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-02 12:08	etablackhc2er7.hustrock.surf	ClearFake	2May2026 ClearFake Commandline Windows	Gi7w0rm