ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

503

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'670'960

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-04-28 06:50	http://po1vax.digital/script.sh	Unknown malware	macOS	HuntYethHounds
2026-04-28 06:50	po1vax.digital	Unknown malware	macOS	HuntYethHounds
2026-04-28 06:50	175.24.201.23:8443	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-04-28 06:49	https://kymlo2.digital/script.sh	Unknown malware	macOS	HuntYethHounds
2026-04-28 06:49	kymlo2.digital	Unknown malware	macOS	HuntYethHounds
2026-04-28 06:48	https://heavyset-that.digital/script.sh	Unknown malware	macOS	HuntYethHounds
2026-04-28 06:48	heavyset-that.digital	Unknown malware	macOS	HuntYethHounds
2026-04-28 06:46	urbanhostgate.orbitmeshunit.garden	ClearFake	ClearFake	Anonymous
2026-04-28 06:37	http://googlemeets.click.goooggle.click/download.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-28 06:37	http://googlemeets.click.goooggle.click/verify.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-28 06:35	http://googlemeets.click.goooggle.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-28 06:35	googlemeets.click.goooggle.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-28 06:34	http://www.diamondexchangeus.store.goooggle.click/download.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-28 06:33	http://www.diamondexchangeus.store.goooggle.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-28 06:33	diamondexchangeus.store.goooggle.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-28 06:32	https://web-view.org/get/adobe/Reader_en_install.exe	Unknown malware	Fake Adobe	HuntYethHounds
2026-04-28 06:31	https://web-view.org/get/adobe/	Unknown malware	Fake Adobe	HuntYethHounds
2026-04-28 06:31	web-view.org	Unknown malware	Fake Adobe	HuntYethHounds
2026-04-28 06:29	freetaskunit.cyberpeaklink.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 06:29	cool2meshbit.cyberpeaklink.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 06:29	stellar5bitnode.orbitmeshunit.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 06:29	vastlogicweb.orbitmeshunit.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 06:29	cloudnewupdate.us	Unknown malware	Fake Adobe	HuntYethHounds
2026-04-28 06:28	http://cloudnewupdate.us/acrobat/windows/visit.php	Unknown malware	Fake Adobe	HuntYethHounds
2026-04-28 06:27	http://cloudnewupdate.us/acrobat/windows/adobe.php	Unknown malware	Fake Adobe	HuntYethHounds
2026-04-28 06:23	https://etomoe.cfd/log.php	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-28 06:22	https://etomoe.cfd/api/index.php	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-28 06:22	https://etomoe.cfd/cf.js	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-28 06:21	etomoe.cfd	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-28 05:57	packnoirland.raxonviewunit.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	gategoldberg3.raxonviewunit.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	datanoirgold5.sylosyncbase.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	srvvertland.sylosyncbase.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	linkholzbaum2.sylosyncbase.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	webopenmond.sylosyncbase.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	sync8kaltberg.sylosyncbase.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	core3darkstar.novismetaweb.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	approugesoft.novismetaweb.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	netpetitwald9.novismetaweb.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	flowironhaus.novismetaweb.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	zonebleuzeit1.novismetaweb.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	goldstarport.mivorpulsegate.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	noirmondsite.mivorpulsegate.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	taskironland.dexishostpath.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	baseopenwald.mivorpulsegate.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	unitkaltwind2.mivorpulsegate.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:57	claudedesktop-llm.gitlab.io	ClearFake	ClearFake	ineffyble
2026-04-28 05:57	164.92.210.57:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:57	104.248.197.185:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:57	64.227.79.172:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:56	104.248.192.244:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:56	globfastfire7.raxonviewunit.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	bitbluemond.raxonviewunit.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	167.99.209.253:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:56	68.183.6.224:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:56	pathnoirbaum1.zexislinkhub.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	userfastzeit.zexislinkhub.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	167.172.45.157:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:56	165.232.81.57:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:56	loadpetitstar.zexislinkhub.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	209.38.45.156:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:56	baseopenwald.qivorpaknode.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	pointrougesoft.zexislinkhub.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	viewdarkberg9.zexislinkhub.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	sysvert7holz.qivorpaknode.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	metabluefire.qivorpaknode.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	goldstarport.qivorpaknode.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	petitwaldnet.dexisnetflow.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	ironhausflow2.dexisnetflow.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	hostfastland.dexisnetflow.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	rougesoft9app.dexisnetflow.garden	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	bleu-3.dexis-serv.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	haus-1.mivon-tech.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	https://zentav.top/trace/audit-module.js	SmartApeSG	SmartApeSG	monitorsg
2026-04-28 05:56	zeit-berg-8.novis-data.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	open-3n.novis-data.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	iron-fire-6s.novis-data.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	rouge-4.novis-data.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	dark-wald-3.sylix-host.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	petit-star-8z.sylix-host.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	https://claudedesktop-llm.gitlab.io/wae/	ClearFake		ineffyble
2026-04-28 05:56	viewdarkberg.dexishostpath.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	pathnoirbaum.dexishostpath.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	https://claudedesktopllm.gitlab.io/crs/	Unknown Stealer		ineffyble
2026-04-28 05:56	globfastfire.vortextaskbit.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	fastland8zeit.mivontechzone.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	noirgoldstar.mivontechzone.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	vertbaumview.mivontechzone.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	holzunit3link.mivontechzone.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	tarsier.cloudshell.svc	Cobalt Strike		duggusa
2026-04-28 05:56	syncbergzeit5.mivontechzone.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:56	newcheckout.shop	magecart	Magecart	Localhost
2026-04-28 05:56	office.australia-wealth.com	FAKEUPDATES	SocGholish	monitorsg
2026-04-28 05:56	turbostat.shop	magecart	Magecart	Localhost
2026-04-28 05:56	stylejingle.com	magecart	Magecart	Localhost
2026-04-28 05:56	grand6nodehub.cyberpeaklink.garden	ClearFake	ClearFake	Anonymous
2026-04-28 05:55	pixellowersoon.top	magecart	Magecart	Localhost
2026-04-28 05:55	ministat.shop	magecart	Magecart	Localhost
2026-04-28 05:55	tagmanager.guru	magecart	Magecart	Localhost
2026-04-28 05:55	styledontcryyy.com	magecart	Magecart	Localhost
2026-04-28 05:55	hyperstat.shop	magecart	Magecart	Localhost
2026-04-28 05:55	stylebackrooooms.com	magecart	Magecart	Localhost
2026-04-28 05:55	gigatag.info	magecart	Magecart	Localhost
2026-04-28 05:55	stylenemesiis.com	magecart	Magecart	Localhost
2026-04-28 05:55	styleinfinity.top	magecart	Magecart	Localhost
2026-04-28 05:55	styleoutsperee.com	magecart	Magecart	Localhost
2026-04-28 05:55	swift5tasknet.zenithflowgrid.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	clearpointdata.zenithflowgrid.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	trendscan8meta.cryptovoxelsync.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	shieldpurelink.cryptovoxelsync.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	bright3nodeview.cryptovoxelsync.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	proxyfastzone.cryptovoxelsync.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	deepcloud9base.cryptovoxelsync.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	signalwestport.cryptovoxelsync.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	https://217.145.227.150/	Unknown Stealer		solostalking
2026-04-28 05:55	wildpathbase.cyberpeaklink.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	apex3stormlink.cyberpeaklink.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	vividmeshflow.zenithflowgrid.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	light8siteview.zenithflowgrid.garden	ClearFake	28April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	termopasta.com	Unknown Stealer		ineffyble
2026-04-28 05:55	foewpeee2tol.com	Unknown Stealer		ineffyble
2026-04-28 05:55	fb094867dcb3f56391ca8a60016c5cd9872b529814b0fe48e1e7ea4563ce24ed	Unknown malware	AMSI-BYPASS ClickFix MP3-HTA-polyglot mshta VBScript	Lenny_3BO
2026-04-28 05:55	20bf8267c60aeaafb90c224d865e163401a016b8568f95a6f1743fc74af62d9e	Unknown malware	AMSI-BYPASS ClickFix MP3-HTA-polyglot mshta VBScript	Lenny_3BO
2026-04-28 05:55	159.223.235.96:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:55	https://zentav.top/trace/refresh-css.php	SmartApeSG	SmartApeSG	monitorsg
2026-04-28 05:55	142.93.135.177:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:55	blue-fire-8w.syr2moxel.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	haus-4.syr2moxel.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	zentav.top	SmartApeSG	SmartApeSG	monitorsg
2026-04-28 05:55	https://zentav.top/trace/alias-thread.js	SmartApeSG	SmartApeSG	monitorsg
2026-04-28 05:55	browserperplexity.com	Unknown malware	ClickFix MP3-HTA mshta Polyglot	Lenny_3BO
2026-04-28 05:55	macarona.autos	Unknown malware	AMSI-BYPASS ClickFix mshta RC4 victim-fingerprint	Lenny_3BO
2026-04-28 05:55	165.22.207.128:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:55	soft-5.vok7laren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	64.89.161.71:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:55	kalt-berg-2.vok7laren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	https://datanexlab.top/trace/refresh-css.php	SmartApeSG	SmartApeSG	monitorsg
2026-04-28 05:55	datanexlab.top	SmartApeSG	SmartApeSG	monitorsg
2026-04-28 05:55	https://datanexlab.top/trace/alias-thread.js	SmartApeSG	SmartApeSG	monitorsg
2026-04-28 05:55	64.89.160.215:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:55	holz-baum-5.tal4miren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	open-7.tal4miren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	64.89.161.74:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:55	fast-zeit-1.tal4miren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	64.89.160.216:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:55	truebasecore.com	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	https://truebasecore.com/io	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	http://104.225.129.105/	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	http://216.120.201.116/	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	146.71.81.232:443	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	104.225.129.105:443	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	216.120.201.116:443	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	zentideen.pax4moren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:55	9c1a60b1e67f071d7100ae8dfde9efb77cbf7688f8cbe6461b27319c9d7f8742	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	3559ecb1e3c264bbc17b992b1d055bea42dbcb60e9397e24a33e9f09d5d307e2	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:55	d79e2990fa848ed9038f30dad65e30d6a3b335d78542d992de895a857e08351c	Unknown malware	Aorta ClickFix sideload SmartApeSG	Lenny_3BO
2026-04-28 05:54	stagesteril.pax4moren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:54	167.99.35.20:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	161.35.144.223:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	64.89.161.70:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	142.93.128.30:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	zbh50.nol7sirex.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:54	5.175.215.42:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	vordraor5.nol7sirex.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:54	83.142.209.252:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	64.89.160.214:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	64.89.161.72:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:54	wwj2alum.pax4moren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-28 05:54	83.142.209.248:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-28 05:42	neogateway9sys.cyberpeaklink.garden	ClearFake	ClearFake	Anonymous
2026-04-28 05:16	bold7logicgate.zenithflowgrid.garden	ClearFake	ClearFake	Anonymous
2026-04-28 04:57	primeglowunit.zenithflowgrid.garden	ClearFake	ClearFake	Anonymous
2026-04-28 04:03	openmondkalt.mivontechzone.garden	ClearFake	ClearFake	Anonymous
2026-04-28 03:25	winopenhaus.vortextaskbit.garden	ClearFake	ClearFake	Anonymous
2026-04-28 03:19	scanvertzeit1.vortextaskbit.garden	ClearFake	ClearFake	Anonymous
2026-04-28 03:12	gategoldberg.vortextaskbit.garden	ClearFake	ClearFake	Anonymous
2026-04-28 03:06	packnoirland7.vortextaskbit.garden	ClearFake	ClearFake	Anonymous
2026-04-28 02:52	bitbluemond4.vortextaskbit.garden	ClearFake	ClearFake	Anonymous
2026-04-28 02:40	userfastzeit.dexishostpath.garden	ClearFake	ClearFake	Anonymous
2026-04-28 02:25	loadpetitstar3.dexishostpath.garden	ClearFake	ClearFake	Anonymous
2026-04-28 02:16	pointrougesoft8.dexishostpath.garden	ClearFake	ClearFake	Anonymous
2026-04-28 01:36	sysvert7holz.mivorpulsegate.garden	ClearFake	ClearFake	Anonymous
2026-04-28 01:24	metabluefire6.mivorpulsegate.garden	ClearFake	ClearFake	Anonymous
2026-04-28 01:19	hostfastland.novismetaweb.garden	ClearFake	ClearFake	Anonymous
2026-04-28 01:00	https://isn.jornaltribunadearaxa.com.br/	Vidar	Vidar	crep1x
2026-04-28 01:00	isn.jornaltribunadearaxa.com.br	Vidar	Vidar	crep1x
2026-04-28 00:30	https://isn.trbombom.com/	Vidar	Vidar	crep1x
2026-04-28 00:30	isn.trbombom.com	Vidar	Vidar	crep1x
2026-04-28 00:11	nodezeitmond.sylosyncbase.garden	ClearFake	ClearFake	Anonymous
2026-04-28 00:04	winopenhaus.raxonviewunit.garden	ClearFake	ClearFake	Anonymous
2026-04-27 23:59	scanvertzeit.raxonviewunit.garden	ClearFake	ClearFake	Anonymous
2026-04-27 23:02	taskironland.zexislinkhub.garden	ClearFake	ClearFake	Anonymous
2026-04-27 22:51	unitkaltwind.qivorpaknode.garden	ClearFake	ClearFake	Anonymous
2026-04-27 22:48	unificandoelser.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-27 22:45	noirmondsite4.qivorpaknode.garden	ClearFake	ClearFake	Anonymous
2026-04-27 22:15	https://studio.mascaf-production.infobymika.fr/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 22:13	bleuzeit8zone.dexisnetflow.garden	ClearFake	ClearFake	Anonymous
2026-04-27 22:00	https://nde.imoveisavendaemaraxa.com.br/	Vidar	Vidar	crep1x
2026-04-27 22:00	https://nde.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 22:00	nde.imoveisavendaemaraxa.com.br	Vidar	Vidar	crep1x
2026-04-27 22:00	nde.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 21:48	darkstarcore.dexisnetflow.garden	ClearFake	ClearFake	Anonymous
2026-04-27 21:44	petit-fire-5.dexis-serv.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 21:32	dark-land-8b.dexis-serv.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 21:20	holz-baum-7k.mivon-tech.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 21:15	https://staging.online-paystub.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 21:15	https://mimidavid.arellabs.org/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 21:09	vert-4.mivon-tech.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 21:04	gold-mond-2.mivon-tech.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 20:58	noir-9.mivon-tech.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 20:53	fast-star-5x.mivon-tech.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 20:42	kalt-5.novis-data.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 20:38	soft-land-1.novis-data.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 20:26	haus-2x.sylix-host.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 20:16	bleu-9.sylix-host.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 20:11	holz-berg-5.sylix-host.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 20:08	kanoulasdrive.gr	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-27 20:05	vert-1.sylix-host.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 19:54	open-6.raxos-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:48	gold-land-4m.raxos-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:43	noir-2.raxos-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:39	fast-fire-9.raxos-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:30	zeit-5.raxos-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:21	blue-mond-3k.raxos-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:15	gold-star-5s.qen9vital.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:09	fast-2.syr2moxel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 19:04	wald-baum-9.syr2moxel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 18:56	bleu-3k.syr2moxel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 18:50	zeit-land-7.syr2moxel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 18:29	iron-6.vok7laren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 18:21	petit-mond-1.vok7laren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 18:00	rouge-9v.vok7laren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 17:56	dark-star-4.vok7laren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 17:50	zeroclipstudiophotography.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-27 17:43	vert-2k.tal4miren.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 17:38	gold-land-3.tal4miren.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 17:34	noir-8.tal4miren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 17:25	c3da-glow.pax4moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 17:17	rpa.vi-ler.dk	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 17:17	https://rpa.vi-ler.dk/	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 17:17	rpa.imoveisavendaemaraxa.com.br	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 17:17	https://rpa.imoveisavendaemaraxa.com.br/	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 17:08	agjlskc.pax4moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 17:03	hputcl37.pax4moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:59	qncd.nol7sirex.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:50	pil0t1-mesh.nol7sirex.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 16:46	culqxa.nol7sirex.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:43	cine2-path.nol7sirex.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:34	bz110bs.kyr1vomen.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:30	cort4-node.kyr1vomen.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:26	lumvaleum3.kyr1vomen.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:24	queuedirect.tov6larek.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 16:24	publshi.tov6larek.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 16:24	cour1e-core.kyr1vomen.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 16:24	bay6-beam.kyr1vomen.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 16:11	ezyunbs.kyr1vomen.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:08	wakanda33.it.com	Nanocore RAT	NanoCore	abuse_ch
2026-04-27 16:07	snet88.com	Nanocore RAT	NanoCore	abuse_ch
2026-04-27 16:07	nnzn.sa.com	Nanocore RAT	NanoCore	abuse_ch
2026-04-27 16:06	fb88.dfwf.io	Nanocore RAT	NanoCore	abuse_ch
2026-04-27 16:06	dfwf.io	Nanocore RAT	NanoCore	abuse_ch
2026-04-27 16:06	devtourandtrevels.in.net	Nanocore RAT	NanoCore	abuse_ch
2026-04-27 16:04	vmbspptn.tov6larek.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 16:01	http://92.63.102.121/Lowbase.php	DCRat	dcrat RAT	abuse_ch
2026-04-27 16:01	http://cc011590.tw1.ru/L1nc0In.php	DCRat	dcrat RAT	abuse_ch
2026-04-27 16:00	161.35.110.36:22	NjRAT	njrat	abuse_ch
2026-04-27 15:59	172.67.187.211:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:59	46.202.138.60:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:59	tal-lithix.tov6larek.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:58	104.18.4.119:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:58	104.18.5.119:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:57	172.67.140.186:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:57	104.21.33.27:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:56	104.21.88.251:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:56	172.67.155.48:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-27 15:50	6lzo5xl.tov6larek.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:44	norcore2ix.tov6larek.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:41	platform.exathomeswebuyarizona.com	FAKEUPDATES	SocGholish	monitorsg
2026-04-27 15:40	parfsdp.sydo9marel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:38	vortideum.rax2liven.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 15:38	https://v-panel.buzz/auth/login?ddosprotected=1	Vidar	c2 Vidar	Kenas
2026-04-27 15:37	htusgm8k.sydo9marel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:33	fhgcivkk.sydo9marel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:28	brand-vau.sydo9marel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:24	vbl60o.sydo9marel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:21	alt-enc0.sydo9marel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:15	cultu3-array.rax2liven.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 15:15	https://homeecosavingsideas.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 15:06	booey.rax2liven.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 15:05	nubebdn.sokla3ren.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 15:05	meta-5umm.qim8vorel.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 15:05	cin3m2-frame.vex7lurin.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 15:05	arkmarkix.rax2liven.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 15:05	h4rbor-phase.rax2liven.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 14:53	sercresta4.rax2liven.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:49	kel-fluxor.qim8vorel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:43	syntarepo.qim8vorel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:39	ioszf.qim8vorel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:36	cedthe.qim8vorel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:26	birchpayload.qim8vorel.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 14:23	shield-sile.sokla3ren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:15	https://bookshelfculture.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 14:15	https://icebath.org.il/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 14:15	https://petloverspalace.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 14:15	https://bayviewgourmet.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 14:15	https://ecocolours.in/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 14:15	https://aspirefitnessclub.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 14:14	1r72in.sokla3ren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:10	vorlith8on.sokla3ren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:07	rn3tric-grid.sokla3ren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:03	4hs7joli.sokla3ren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 14:00	https://ser.imoveisavendaemaraxa.com.br/	Vidar	Vidar	crep1x
2026-04-27 14:00	ser.imoveisavendaemaraxa.com.br	Vidar	Vidar	crep1x
2026-04-27 14:00	https://ser.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 14:00	ser.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 14:00	rydr.vex7lurin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 13:56	m35h1-loop.vex7lurin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 13:48	knyo.vex7lurin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 13:43	hiddenbyt.vex7lurin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 13:36	bcfapelw.mer4talon.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:36	finger.linked-on.com	Unknown malware	ClickFix finger-lolbas fingerfix linkedin-lure Python-embed	Lenny_3BO
2026-04-27 13:36	https://linked-on.com/leyts.php?Npier=1	Unknown malware	ClickFix finger-lolbas fingerfix linkedin-lure Python-embed	Lenny_3BO
2026-04-27 13:36	107.170.45.91:443	Unknown malware	ClickFix finger-lolbas fingerfix linkedin-lure Python-embed	Lenny_3BO
2026-04-27 13:36	https://mtg-life.net/95126aeb-4120-56b1-8c9e-63fdf0c0b6f9/scr7	Unknown malware	ClickFix fingerfix python-shellcode-loader	Lenny_3BO
2026-04-27 13:36	173.44.141.222:443	Unknown malware	ClickFix fingerfix python-shellcode-loader	Lenny_3BO
2026-04-27 13:36	mtg-life.net	Unknown malware	ClickFix fingerfix python-shellcode-loader	Lenny_3BO
2026-04-27 13:36	08a474368a2f94f347ad9e1a0a08d4258fcf49c6b9373214f7901bb770bacca4	Unknown malware	ClickFix fingerfix python-shellcode-loader	Lenny_3BO
2026-04-27 13:36	quor-meshis.vex7lurin.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:32	185.193.126.248:27000	Unknown malware		abuse_ch
2026-04-27 13:29	fa1thf6-gate.oasis-reimburse.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:29	gatewa-qua.incub-teahouse.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:29	sortdynamic.eggman8eisha.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:29	queryspecimen.pares-system.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:29	banncip.judges-spire.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:29	lumlithex.mer4talon.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:29	https://sigmatauethifarma.com/file.js	KongTuke	Kongtuke	monitorsg
2026-04-27 13:29	sigmatauethifarma.com	KongTuke	Kongtuke	monitorsg
2026-04-27 13:29	https://sigmatauethifarma.com/t	KongTuke	Kongtuke	monitorsg
2026-04-27 13:29	https://sigmatauethifarma.com/g	KongTuke	Kongtuke	monitorsg
2026-04-27 13:28	23ofcfv.khudrukmumb1es.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:28	93f5qz.khudrukmumb1es.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:28	tal-draet.khudrukmumb1es.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:28	arkcoreix.judges-spire.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 13:28	https://bcaccount.co.th/?u=fwjxxjdhc4fkhntp263ah3a	Emmenhtal	html-smuggling spamtrap	jahlives
2026-04-27 13:28	https://sigmatauethifarma.com/c	KongTuke	Kongtuke	monitorsg
2026-04-27 13:28	https://cj06y9v4xab.com/d	KongTuke	Kongtuke	monitorsg
2026-04-27 13:28	cj06y9v4xab.com	KongTuke	Kongtuke	monitorsg
2026-04-27 13:28	vitalpalette.mer4talon.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 13:26	54.255.15.131:10086	Ghost RAT	Gh0stRAT RAT	abuse_ch
2026-04-27 13:24	206.238.199.22:10086	Ghost RAT	Gh0stRAT RAT	abuse_ch
2026-04-27 13:16	subtledust.mer4talon.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 13:15	https://linkinsightnews.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://thelifestyleelf.net/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://bridgeportnews.net/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://sullivancounty.org/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://burchcom.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://accelhost.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://earthvillageeducation.org/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://remodelingmagazine.co/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://nutleyrealestatehomes.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://feelgoodanyway.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://pouronprince.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://legalnewsletter.org/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://thedirtdoctors.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://new-era-homes.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://mytravelbackpack.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://growhealthyvending.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://healthadvicenow.net/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://homeinspectorpotomac.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://jrubyconf.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://claremontportside.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:15	https://familyreading.net/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 13:12	sche9-track.mer4talon.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 13:03	clif7-bridge.mer4talon.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:54	sterilebundle.khudrukmumb1es.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:39	xrcbdu11.asso7tunexpl.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:31	5urvey-spark.exhumat8urgle.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:26	lzukd.foot-ricochet.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:22	schem-mark.sleazyhe2ded.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:19	palbind.judges-spire.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:11	eswcaywn.judges-spire.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:05	columdee.judges-spire.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 12:00	genomeobserver.judges-spire.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 11:54	nor-lithix.judges-spire.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 11:30	daemon-hill.khudrukmumb1es.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 11:27	http://94.156.155.42	Stealc	Stealc	abuse_ch
2026-04-27 11:15	https://juactive.net/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-27 11:14	kelforgeet4.khudrukmumb1es.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 11:08	aq4saw1.khudrukmumb1es.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 11:02	velcrestos8.pares-system.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 11:02	45.43.59.179:53	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-04-27 10:57	reed8-drive.pares-system.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 10:51	v0ya1-cast.pares-system.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 10:46	ns1.twnic.top	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-04-27 10:46	x9xus7.pares-system.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 10:43	cc.twnic.top	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-04-27 10:39	keltideal.asso7tunexpl.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	sx56boo.incub-teahouse.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	4wyk.incub-teahouse.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	hyperstat.shop	magecart	Magecart	varysz
2026-04-27 10:39	newcheckout.shop	magecart	Magecart	varysz
2026-04-27 10:39	turbostat.shop	magecart	Magecart	varysz
2026-04-27 10:39	gigatag.info	magecart	Magecart	varysz
2026-04-27 10:39	tagmanager.guru	magecart	Magecart	varysz
2026-04-27 10:39	ministat.shop	magecart	Magecart	varysz
2026-04-27 10:39	culturebrook.incub-teahouse.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	loose-mount.eggman8eisha.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	campaigndefen.eggman8eisha.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	tj0x.eggman8eisha.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	ejge.eggman8eisha.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	yaisxm.pares-system.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:39	talnexal2.pares-system.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 10:32	lapoire8.hopto.org	AsyncRAT	asyncrat	abuse_ch
2026-04-27 10:31	lapoire7.hopto.org	AsyncRAT	asyncrat	abuse_ch
2026-04-27 10:31	lapoire6.hopto.org	AsyncRAT	asyncrat	abuse_ch
2026-04-27 10:04	frwyaofu.eggman8eisha.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 09:56	91.92.120.68:1985	XWorm	XWorm	abuse_ch
2026-04-27 09:52	pb6cs.eggman8eisha.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 09:36	yj97hpfx.incub-teahouse.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 09:22	biomecave.incub-teahouse.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 09:18	vek.vi-ler.dk	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 09:18	https://vek.vi-ler.dk/	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 09:18	vek.imoveisavendaemaraxa.com.br	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 09:18	https://vek.imoveisavendaemaraxa.com.br/	Vidar	lv80gzr Vidar	abuse_ch
2026-04-27 09:17	2585gqld.incub-teahouse.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 09:10	kel-coreex.asso7tunexpl.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 09:10	jp4j.asso7tunexpl.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 09:05	massivedisco.asso7tunexpl.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 09:04	203.202.232.149:2222	XWorm	XWorm	abuse_ch
2026-04-27 08:49	17393sm.asso7tunexpl.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 08:43	reelfla.asso7tunexpl.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 08:37	kidjo.oasis-reimburse.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 08:32	f532v.oasis-reimburse.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 08:27	136.243.87.141:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.133:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.138:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.134:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.129:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.131:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.140:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.132:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.128:443	Vidar	Vidar	crep1x
2026-04-27 08:27	136.243.87.139:443	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.132/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.128/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.139/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.141/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.133/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.138/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.134/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.129/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.131/	Vidar	Vidar	crep1x
2026-04-27 08:26	https://136.243.87.140/	Vidar	Vidar	crep1x
2026-04-27 08:26	surve-chain.oasis-reimburse.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 08:26	31.220.80.26:31337	Sliver	sliver	whoamix302
2026-04-27 08:26	duskmor.sleazyhe2ded.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	theorymin.sleazyhe2ded.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	qdacqez.sleazyhe2ded.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	trimeshor6.foot-ricochet.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	br4nd-forge.foot-ricochet.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	gent1-lab.exhumat8urgle.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	170.75.167.225:443	Unknown malware	BotManager Unknown malware	whoamix302
2026-04-27 08:26	150.139.132.7:10001	Xtreme RAT	ExtRat Xtreme RAT	whoamix302
2026-04-27 08:26	gathgolde.exhumat8urgle.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	du5k-panel.exhumat8urgle.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	broadfilte.exhumat8urgle.in.net	ClearFake	27April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-27 08:26	167.71.65.175:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-27 08:26	161.35.91.164:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-27 08:26	178.62.208.75:25001	Kimwolf	c2 kimwolf	Bitsight
2026-04-27 08:25	107.172.252.244:443	Cobalt Strike	CobaltStrike cs-watermark-666666666	abuse_ch
2026-04-27 08:23	47.111.184.26:8880	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-04-27 08:23	147.78.2.110:443	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-04-27 08:22	45.130.148.102:8080	Cobalt Strike	CobaltStrike cs-watermark-305419896	abuse_ch
2026-04-27 08:21	crawlerstory.oasis-reimburse.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 08:13	dynvaleis.oasis-reimburse.in.net	ClearFake	ClearFake	Anonymous
2026-04-27 08:07	traile-proc.oasis-reimburse.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 08:00	178.104.213.150:443	Vidar	Vidar	crep1x
2026-04-27 08:00	74.0.42.54:443	Vidar	Vidar	crep1x
2026-04-27 07:59	trimeshum.exhumat8urgle.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 07:59	bom.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 07:59	bca.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 07:59	tsc.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 07:59	gon.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 07:59	psy.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 07:59	https://gon.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 07:59	https://psy.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 07:59	https://178.104.213.150/	Vidar	Vidar	crep1x
2026-04-27 07:59	https://74.0.42.54/	Vidar	Vidar	crep1x
2026-04-27 07:59	https://bom.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 07:59	https://bca.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 07:59	https://tsc.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 07:59	https://steamcommunity.com/profiles/76561198709529056	Vidar	Vidar	crep1x
2026-04-27 07:52	https://pillow.riverbridge.site/	Vidar	Vidar	crep1x
2026-04-27 07:52	https://bbs.vi-ler.dk/	Vidar	Vidar	crep1x
2026-04-27 07:52	bbs.vi-ler.dk	Vidar	Vidar	crep1x
2026-04-27 07:40	wint3-array.exhumat8urgle.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 07:23	uwfw.foot-ricochet.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 07:18	meta-cl1p.foot-ricochet.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 07:01	norcresta.foot-ricochet.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-27 06:55	5qpfwfow.foot-ricochet.in.net	ClearFake	ClearFake	threatcat_ch