ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

493

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'670'126

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-04-26 09:44	https://googlemeet.meeting-live.site/update/GoogleMeetInstaller.zip	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:43	https://meeting-live.site/googlemeet/process.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:43	https://meeting-live.site/googlemeet/update.html	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:42	https://meeting-live.site/googlemeet/meeting.html	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:40	ark-spireix.sylo3mer.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 09:38	https://googlemeeettinvitee.click/meet/567/Windows/microsoft-store.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:38	https://googlemeeettinvitee.click/meet/567/Windows/invite.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:38	googlemeeettinvitee.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:35	https://gooogglemeets.click/download.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:35	https://gooogglemeets.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:34	gooogglemeets.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:32	https://goooggle.click/download.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:32	https://goooggle.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:31	goooggle.click	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:27	https://quantumsignaturecertificationgatewayhub.top/Docusign/1/Windows/install-guide.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:27	https://quantumsignaturecertificationgatewayhub.top/Docusign/1/Windows/download.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:26	segmentreagent.rax7pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 09:25	https://quantumsignaturecertificationgatewayhub.top/Docusign/1/Windows/ms-store.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:24	https://quantumsignaturecertificationgatewayhub.top/Docusign/1/Windows/invite.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:24	dortmevsimhotel.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 09:24	https://quantumsignaturecertificationgatewayhub.top/D/download.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:24	https://quantumsignaturecertificationgatewayhub.top/D/	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:23	https://quantumsignaturecertificationgatewayhub.top/12/download.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:23	quantumsignaturecertificationgatewayhub.top	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:22	https://quantumsignaturecertificationgatewayhub.top/12/	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-26 09:20	track8-line.rax7pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 09:16	https://cloudo4meetup.com/auth/jj/joiningmeeting/gmeet/Windows/microsoft-store.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:16	https://cloudo4meetup.com/auth/jj/joiningmeeting/gmeet/Windows/invite.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:16	dhariwalsecuritasindia.in.net	Nanocore RAT	NanoCore	abuse_ch
2026-04-26 09:15	cloudo4meetup.com	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-26 09:15	app.slot365.biz	Nanocore RAT	NanoCore	abuse_ch
2026-04-26 09:13	alt-rnodul.rax7pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 09:11	91.92.34.113:443	NetSupportManager RAT	NetSupport	abuse_ch
2026-04-26 09:11	45.227.254.10:443	NetSupportManager RAT	NetSupport	abuse_ch
2026-04-26 09:10	104.21.69.70:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-26 09:10	172.67.206.11:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-26 09:10	104.21.22.216:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-26 09:10	172.67.207.32:443	Nanocore RAT	NanoCore RAT	abuse_ch
2026-04-26 09:07	pqruqv.rax7pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 09:07	domaine-equestre-du-somaret.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 09:00	4eon.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 08:53	yo04.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 08:48	156.245.147.98:53	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-04-26 08:46	endpoi1-chain.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 08:43	dd.googleos-js.vip	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-04-26 08:43	d2.googleos-js.vip	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-04-26 08:39	r3pa-path.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 08:36	dienmaykynguyenco.vn	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 08:33	subt18-beam.qiv5moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 08:26	defen2-forge.qiv5moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 08:16	77.110.117.174:443	GhostSocks		Rony
2026-04-26 08:16	194.28.225.230:443	GhostSocks		Rony
2026-04-26 08:16	64.188.104.2:443	GhostSocks		Rony
2026-04-26 08:16	64.188.104.35:443	GhostSocks		Rony
2026-04-26 08:05	dev.berrapack.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 07:59	8etttd19.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 07:53	cinf.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 07:47	freightstitch.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 07:26	hyper-rnead0.dex2lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 07:19	lum-nexal.dex2lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 07:18	77.110.117.201:443	GhostSocks	helper	Rony
2026-04-26 07:11	universalgrowing.cl	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 07:05	whitecubs.co.za	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 07:02	dynline6os.miv6soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 06:58	monofurniture.co	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 06:56	primeshore.miv6soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 06:49	ultra-enzyrn.miv6soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 06:40	neroc5j.dexor-host.in.net	ClearFake	ClearFake	Anonymous
2026-04-26 06:34	voit-wjw.dexor-host.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 06:10	fami-wp.dexor-host.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 06:03	sunhq.dexor-host.in.net	ClearFake	ClearFake	Anonymous
2026-04-26 05:54	voxx1.mivon-hub.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 05:47	cuer-e30q.mivon-hub.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 05:37	casa-zw9e.mivon-hub.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 05:30	engagemen.es	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 05:30	homm6uc.mivon-hub.in.net	ClearFake	ClearFake	Anonymous
2026-04-26 05:23	alph-qhj.mivon-hub.in.net	ClearFake	ClearFake	Anonymous
2026-04-26 05:21	clearviewandpalisade.co.za	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 05:17	proc-256.mivon-hub.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 05:10	eart-l4.noven-sys.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 04:57	mar-jlk.noven-sys.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 04:49	lebe6wwf.noven-sys.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 04:37	opulent.ro	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 04:33	stra-j2.noven-sys.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 04:18	amic-po1.sylonix-web.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 04:09	meer-in.sylonix-web.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 03:55	etab-0d.sylonix-web.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 03:40	ocul-xq7.raxen-tech.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 03:34	mati-ns3w.raxen-tech.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 02:53	acti-cmf.zexon-plus.in.net	ClearFake	ClearFake	Anonymous
2026-04-26 02:47	ocche0o.zexon-plus.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 02:36	travb7.zexon-plus.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 02:31	fuss-kx01.zexon-plus.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 02:17	filo-8ao.qivon-store.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 02:15	dzonebcp.duckdns.org	AsyncRAT	asyncrat	abuse_ch
2026-04-26 02:15	chessboard25.pakasak.com	AsyncRAT	asyncrat	abuse_ch
2026-04-26 02:15	32asinc.duckdns.org	AsyncRAT	asyncrat	abuse_ch
2026-04-26 01:58	ami-mfs.qivon-store.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 01:53	koerhl.qivon-store.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 01:47	trab-7t.qivon-store.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 01:39	pieqt.bexlor-net.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 01:26	treexw.bexlor-net.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 01:23	emceeterrence.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 01:19	day-g6qh.bexlor-net.in.net	ClearFake	ClearFake	Anonymous
2026-04-26 01:13	plag59o.bexlor-net.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 01:07	terr-53p.bexlor-net.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 01:07	depozit-siemens.ro	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 00:40	fore-k6mz.dexon-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 00:35	mens-tu.dexon-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 00:31	https://tsc.gessoflex.com.br/	Vidar	Vidar	crep1x
2026-04-26 00:31	tsc.gessoflex.com.br	Vidar	Vidar	crep1x
2026-04-26 00:28	c0007.bizhomepass.kr	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-26 00:19	fleuytfp.dexon-node.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-26 00:05	etaknqgp.mivonex-serv.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 23:56	enfa1p13.mivonex-serv.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 23:50	haus-mp.mivonex-serv.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 23:44	onli6sp.mivonex-serv.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 23:39	comp-os4d.mivonex-serv.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 23:38	87.106.168.15:7004	XWorm	XWorm	abuse_ch
2026-04-25 23:28	soft-berg-6p.dex1lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 23:22	rouge-9.dex1lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 23:12	petit-fire-1.dex1lavel.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 23:07	bleu-4.dex1lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 22:59	www.adrianmiller.co.za	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 22:57	dark-land-7b.dex1lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 22:53	trucklinesfm.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 22:52	haus-3.miv8soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 22:40	vert-1.miv8soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 22:29	noir-6.miv8soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 22:23	fast-star-2x.miv8soren.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 22:23	jakartaupdate.online	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 22:18	open-9.nov2liren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 22:12	zeit-berg-4n.nov2liren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 21:56	soft-land-1.nov2liren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 21:48	rouge-3.nov2liren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 21:44	https://pulsegraph.xyz/t.188cfd3975db.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-04-25 21:43	https://pulsegraph.xyz/ext.0ff2555835d3.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-04-25 21:43	https://pulsegraph.xyz/ext-b.58316c304236.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-04-25 21:42	https://pulsegraph.xyz/t.js	Unknown malware	ClickFix EXT	HuntYethHounds
2026-04-25 21:41	pulsegraph.xyz	Unknown malware	ClickFix EXT	HuntYethHounds
2026-04-25 21:37	haus-1.sylo3mer.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 21:33	https://connectweb.chat/Secure.msi	Unknown malware	ClickFix	HuntYethHounds
2026-04-25 21:33	https://connectweb.chat/verify.html	Unknown malware	ClickFix	HuntYethHounds
2026-04-25 21:32	connectweb.chat	Unknown malware	ClickFix	HuntYethHounds
2026-04-25 21:25	dark-wald-5v.sylo3mer.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 21:10	holz-berg-9.sylo3mer.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 21:08	https://quilborne.org/c	KongTuke	ClickFix Kongtuke	HuntYethHounds
2026-04-25 21:07	https://quilborne.org/g	KongTuke	ClickFix Kongtuke	HuntYethHounds
2026-04-25 21:07	https://quilborne.org/t	KongTuke	ClickFix Kongtuke	HuntYethHounds
2026-04-25 21:06	https://quilborne.org/file.js	KongTuke	ClickFix Kongtuke	HuntYethHounds
2026-04-25 21:06	quilborne.org	KongTuke	ClickFix Kongtuke	HuntYethHounds
2026-04-25 20:58	petit-star-6z.sylo3mer.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 20:53	open-8.rax7pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 20:47	https://ivangay.bond/log.php	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-25 20:46	https://ivangay.bond/api/index.php	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-25 20:45	https://ivangay.bond/cf.js	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-25 20:45	ivangay.bond	Unknown malware	ClickFix ErrTraffic	HuntYethHounds
2026-04-25 20:41	https://quickbase-assist.com/Windows/download.php	Unknown malware	Fake Adobe SSA	HuntYethHounds
2026-04-25 20:41	https://quickbase-assist.com/Windows/viewpdf.php	Unknown malware	Fake Adobe SSA	HuntYethHounds
2026-04-25 20:40	https://quickbase-assist.com/Windows/statement.php	Unknown malware	Fake Adobe SSA	HuntYethHounds
2026-04-25 20:39	quickbase-assist.com	Unknown malware	Fake Adobe SSA	HuntYethHounds
2026-04-25 20:36	http://zoommcall.com/Windows/install-guide.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:36	http://zoommcall.com/Windows/download.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:35	http://zoommcall.com/Windows/microsoft-store.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:34	https://zoommcall.com/Windows/invite.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:34	zoommcall.com	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:32	http://pixeldrain.com/api/file/TV7mrYpe	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:31	https://zoomlive.us/Windows/ZoomWorkspace.bat	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:30	https://zoomlive.us/Windows/invite.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:30	zoomlive.us	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:27	https://meetingisliveatgooglemeett.top/Windows/microsoft-store.php	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-25 20:27	https://meetingisliveatgooglemeett.top/Windows/	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-25 20:26	meetingisliveatgooglemeett.top	Unknown malware	Fake Google Meet	HuntYethHounds
2026-04-25 20:21	https://www.docusign.my.googlejoininvite.click/download.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 20:20	blue-mond-9k.rax7pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 20:20	https://www.docusign.my.googlejoininvite.click/e-sign.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 20:20	https://www.docusign.my.googlejoininvite.click/eDocusign.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 20:19	docusign.my.googlejoininvite.click	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 20:16	https://jugbphm.click/user	Lumma Stealer	Lumma	abuse_ch
2026-04-25 20:16	https://doc.lauraice.xyz/process.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:15	https://doc.lauraice.xyz/update.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:14	haus-5.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 20:13	https://doc.lauraice.xyz/index.php/update.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:12	https://doc.lauraice.xyz/index.php	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:12	doc.lauraice.xyz	Unknown malware	Fake Zoom	HuntYethHounds
2026-04-25 20:04	kalt-7.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 19:58	soft-wald-4.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 19:52	rouge-6.zex1liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 19:49	https://usoffweb69.top/doc/download.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:48	https://usoffweb69.top/doc/e-sign.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:48	usoffweb69.top	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:47	http://www.viewsession.live/download.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:46	http://www.viewsession.live/e-sign.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:46	viewsession.live	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:42	https://doc-docsign.cyou/download.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:42	https://doc-docsign.cyou/e-sign.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:41	open-3.qiv5moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 19:41	https://doc-docsign.cyou/eDocusign.php	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:41	doc-docsign.cyou	Unknown malware	Fake DocuSign	HuntYethHounds
2026-04-25 19:35	petit-zeit-8.qiv5moren.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 19:33	http://91.199.133.178/u/setup.exe	Unknown malware	ClickFix	HuntYethHounds
2026-04-25 19:32	https://openclaws.it.com	Unknown malware	ClickFix	HuntYethHounds
2026-04-25 19:32	openclaws.it.com	Unknown malware	ClickFix	HuntYethHounds
2026-04-25 19:30	https://taranta-blow.digital/script.sh	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:29	noir-5x.qiv5moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 19:29	taranta-blow.digital	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:28	https://kakaduthr2sh.digital/script.sh	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:28	kakaduthr2sh.digital	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:27	https://dig-circling.digital/script.sh	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:27	dig-circling.digital	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:25	https://busy-sunni.digital/script.sh	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:25	busy-sunni.digital	Unknown malware	macOS	HuntYethHounds
2026-04-25 19:20	holz-berg-2.qiv5moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 19:10	vert-9.qiv5moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 19:05	gold-star-4s.qiv5moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 18:53	wald-baum-7.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 18:48	bleu-2k.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 18:42	zeit-land-5.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 18:37	haus-3.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 18:27	blue-fire-9w.bexla8rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 18:21	iron-8.dex2lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 18:15	https://legadodistillery.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-25 18:15	https://1homeinterior.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-25 18:15	https://joyeles.com.mx/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-25 18:15	https://newyork2026.northamericanskalcongress.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-04-25 18:11	petit-mond-6.dex2lavel.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 18:05	soft-4.dex2lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 17:59	kalt-berg-1m.dex2lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 17:52	rouge-7.dex2lavel.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 17:44	dark-star-2v.dex2lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 17:38	open-9.miv6soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 17:19	gold-land-8x.miv6soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 17:04	noir-1.miv6soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 16:48	kchjc5x.pav3lorex.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 16:27	wave-netw.pav3lorex.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 16:21	cp52.pav3lorex.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 16:14	bundle-sheet.nov7liren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 16:10	landing.anticalcareposeidon.it	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 16:09	rx64iv.nov7liren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 16:09	hf89cj2.nov7liren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 16:08	pl4sm-flow.nov7liren.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 16:07	sa1atik.cn	SalatStealer	SalatStealer	abuse_ch
2026-04-25 16:02	zencorear1.nov7liren.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 16:00	mpla-clo.cc	Unknown malware	ZigClipper	abuse_ch
2026-04-25 15:45	3fgrll.nov7liren.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 15:40	x1ov.to2varon.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 15:39	65.19.178.79:4782	Quasar RAT	QuasarRAT RAT	abuse_ch
2026-04-25 15:34	156.239.14.132:6667	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-04-25 15:34	156.239.14.132:6668	ValleyRAT	RAT ValleyRAT	abuse_ch
2026-04-25 15:32	dustfix.to2varon.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 15:25	glos-rep.to2varon.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 15:19	n0rt-crest.to2varon.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 15:12	193.161.193.99:51453	Quasar RAT	QusarRAT RAT	abuse_ch
2026-04-25 15:11	ernbe-leaf.to2varon.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 15:11	Unknown8482-51453.portmap.host	Quasar RAT	QusarRAT RAT	abuse_ch
2026-04-25 15:07	80njj90.sylo8mer.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 15:07	theorypin.sylo8mer.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 15:07	wfamakg.to2varon.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 15:05	35.184.9.17:443	MetaStealer	MetaStealer	abuse_ch
2026-04-25 15:01	https://gon.gessoflex.com.br/	Vidar	Vidar	crep1x
2026-04-25 15:01	gon.gessoflex.com.br	Vidar	Vidar	crep1x
2026-04-25 14:59	91.92.241.102:443	SectopRAT	Arechclient2 RAT SectopRAT	abuse_ch
2026-04-25 14:58	vitalpur.sylo8mer.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 14:57	163.61.183.112:9999	Quasar RAT	QusarRAT RAT	abuse_ch
2026-04-25 14:52	ba5ic0-spark.sylo8mer.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 14:45	absshop-ping.xyz	Unknown RAT		tanner
2026-04-25 14:45	acre-sagahill.xyz	Unknown RAT		tanner
2026-04-25 14:45	http://sonra.eutialyson.com/inst24.msi	ClearFake		tanner
2026-04-25 14:41	206.238.115.191:10086	Ghost RAT	Gh0stRAT RAT	abuse_ch
2026-04-25 14:41	talvaleet.histori-pneumonia.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:41	binaryboost.histori-pneumonia.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:41	cl.distritovagas.com	ClearFake		tanner
2026-04-25 14:41	cryst0-core.histori-pneumonia.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:41	sprdec.histori-pneumonia.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	shirela.pitifrube1la.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	zfvhht.pitifrube1la.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	tbfnru68.arapnik-nosog.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	nivo.arapnik-nosog.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	176.65.139.59:1337	Mirai	Mirai	seckle
2026-04-25 14:40	lbwtqscv.arapnik-nosog.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	nuevaprodeciencia.club	Unknown malware	agenteV2	johannes
2026-04-25 14:40	vmi3003111.contaboserver.net	Unknown malware	agenteV2	johannes
2026-04-25 14:40	https://pastebin.com/raw/0RmxqY57	Unknown malware	agenteV2	johannes
2026-04-25 14:40	https://nuevaprodeciencia.club/br77b/iayjaskyeiagds.php	Unknown malware	agenteV2	johannes
2026-04-25 14:40	dark-star-4.limbe7revolut.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	http://45.77.60.153/%2BU2QpCWLB0TeEK0Y%2BTHl1Q%3D%3D	GlassWorm	glassworm Wave3	tipo_deincognito
2026-04-25 14:40	http://217.69.8.40/63RbXCmTBoPZhfyuqUsNdA%3D%3D	GlassWorm	glassworm Wave3	tipo_deincognito
2026-04-25 14:40	http://45.77.60.153/get_arhive_npm/zi2WMapzCnO8eV9QY%2BQQXQ%3D%3D	GlassWorm	glassworm Wave3	tipo_deincognito
2026-04-25 14:40	http://45.77.60.153/darwin-universal/s4%2BECczuPY7jRKr7qbsMng%3D%3D?wallet=trezor	GlassWorm	glassworm wallet-trojan Wave3	tipo_deincognito
2026-04-25 14:40	http://217.69.8.40/get_arhive_npm/jCbp9cVu%2B%2B%2FczOTwvXfJbQ%3D%3D	GlassWorm	glassworm Wave3	tipo_deincognito
2026-04-25 14:40	http://45.77.60.153/darwin-universal/s4%2BECczuPY7jRKr7qbsMng%3D%3D?wallet=ledger	GlassWorm	glassworm wallet-trojan Wave3	tipo_deincognito
2026-04-25 14:40	http://217.69.8.40/darwin-universal/WJcjmFcy4f4SxNGlL5o0cQ%3D%3D?wallet=trezor	GlassWorm	glassworm wallet-trojan Wave3	tipo_deincognito
2026-04-25 14:40	http://217.69.8.40/darwin-universal/WJcjmFcy4f4SxNGlL5o0cQ%3D%3D?wallet=ledger	GlassWorm	glassworm wallet-trojan Wave3	tipo_deincognito
2026-04-25 14:40	http://45.32.150.251/g/63RbXCmTBoPZhfyuqUsNdA%3D%3D	GlassWorm	calendar-c2 glassworm Wave3	tipo_deincognito
2026-04-25 14:40	noir-8.limbe7revolut.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	holz-berg-5.presidium-spike.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	petit-fire-6.presidium-spike.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	https://quiglgy.com/file.js	KongTuke	Kongtuke	monitorsg
2026-04-25 14:40	quiglgy.com	KongTuke	Kongtuke	monitorsg
2026-04-25 14:40	https://quiglgy.com/t	KongTuke	Kongtuke	monitorsg
2026-04-25 14:40	https://quiglgy.com/g	KongTuke	Kongtuke	monitorsg
2026-04-25 14:40	https://quiglgy.com/c	KongTuke	Kongtuke	monitorsg
2026-04-25 14:40	bleu-5.dua1ismmatron.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	rouge-4.fixt-turbine.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	dark-berg-2.fixt-turbine.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	vert-3.ales1ine.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	zenmetrics-software.com	Unknown malware	ClickFix FastAPI Python-embed RAT rmm zm_agent	Lenny_3BO
2026-04-25 14:40	198.251.88.136:443	Unknown malware	ClickFix FastAPI Python-embed RAT rmm zm_agent	Lenny_3BO
2026-04-25 14:40	144.31.215.205:443	Unknown malware	ClickFix FastAPI Python-embed RAT rmm zm_agent	Lenny_3BO
2026-04-25 14:40	https://zenmetrics-software.com/api/devices/register	Unknown malware	ClickFix FastAPI Python-embed RAT rmm zm_agent	Lenny_3BO
2026-04-25 14:40	https://zenmetrics-software.com/api/ws/monitor/	Unknown malware	ClickFix FastAPI Python-embed RAT rmm zm_agent	Lenny_3BO
2026-04-25 14:40	https://zenmetrics-software.com/api/telegram-loggers/mine	Unknown malware	ClickFix FastAPI Python-embed RAT rmm zm_agent	Lenny_3BO
2026-04-25 14:40	zenmetrics.io	Unknown malware	ClickFix FastAPI Python-embed RAT rmm zm_agent	Lenny_3BO
2026-04-25 14:40	holz-baum-8.ales1ine.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	windows-telemetry.cc	CountLoader	CountLoader	aachum
2026-04-25 14:40	https://windows-telemetry.cc/api/submit	CountLoader	CountLoader	aachum
2026-04-25 14:40	adverbrequire.com	FAKEUPDATES	SocGholish	varysz
2026-04-25 14:40	zeit-9.ales1ine.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	api.uioplerixtem.com	FAKEUPDATES	SocGholish	varysz
2026-04-25 14:40	pa-portal.benningtonspringsmhp.com	FAKEUPDATES	SocGholish	varysz
2026-04-25 14:40	fast-berg-4.archit-physiol.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	gold-5.archit-physiol.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	soft-fire-6q.archit-physiol.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	haus-2.archit-physiol.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	rouge-8.slanikt7ay.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	noir-6.slanikt7ay.in.net	ClearFake	24April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	vert-2.cicada-tkacki.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	gold-mond-9z.cicada-tkacki.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	iron-star-2n.caissonnarc0m.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	176.65.139.141:1024	Mirai	Mirai	seckle
2026-04-25 14:40	edaciousedacioussewcomfortless.com	FAKEUPDATES	SocGholish	varysz
2026-04-25 14:40	soft-land-4.caissonnarc0m.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	noir-7.caissonnarc0m.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	holz-baum-4.excavat-toponym.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	blue-fire-8x.excavat-toponym.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	https://deepnoxa.com/update.zip	Unknown malware	ClickFix drawio-sideload electron-loader	Lenny_3BO
2026-04-25 14:40	https://deepnoxa.com/q	Unknown malware	ClickFix drawio-sideload electron-loader	Lenny_3BO
2026-04-25 14:40	deepnoxa.com	Unknown malware	ClickFix drawio-sideload electron-loader	Lenny_3BO
2026-04-25 14:40	https://chimefusion.com/u/	Unknown malware	ClickFix drawio-sideload electron-loader	Lenny_3BO
2026-04-25 14:40	chimefusion.com	Unknown malware	ClickFix drawio-sideload electron-loader	Lenny_3BO
2026-04-25 14:40	0642708ec7c25dec3168f1ab275a29bfd3cf69fe3afc3d5c6eadfa6750102883	Unknown malware	ClickFix drawio-sideload electron-loader	Lenny_3BO
2026-04-25 14:40	d942e9cfc0ca32a3d66ec690090ee22dca74953efed6889fb2292de36f5e39fd	Unknown malware	ClickFix drawio-sideload electron-loader	Lenny_3BO
2026-04-25 14:40	dark-6.excavat-toponym.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	gold-2.excavat-toponym.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	dsf2.excavat-toponym.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	jz8ef5.dex3lavan.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	svvift5-trace.dex3lavan.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	publish2-mount.bexla9rin.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	canopystor.bexla9rin.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	passiv-reage.qiv2moren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	cultureengine.qiv2moren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	audittiny.qiv2moren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	starwinter.rax4pavel.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	argrs.sylo6mer.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	falforma.rax4pavel.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	25eap9f.sylo6mer.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	atomicextract.to9varon.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	rntfvps.to9varon.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	ash-leaf.to9varon.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	inkraven.kymle1rax.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	tercheck.kymle1rax.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	auto-update.tx-wealth.com	FAKEUPDATES	SocGholish	monitorsg
2026-04-25 14:40	http://24.152.36.241:8080	Unknown malware	LofyStealer	johannes
2026-04-25 14:40	vor-spireos.nov3liren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	serven5um.nov3liren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	springledg.nov3liren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:40	conv3r5-glow.dex3lavan.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	mossphoto.zex8liron.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	trigg-crest.rax4pavel.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	149.12.67.231:139	Xtreme RAT	ExtRat Xtreme RAT	whoamix302
2026-04-25 14:39	119.167.191.229:10001	Xtreme RAT	ExtRat Xtreme RAT	whoamix302
2026-04-25 14:39	151.241.88.172:443	Cobalt Strike	Agentemis Beacon Cobalt Strike cobeacon	whoamix302
2026-04-25 14:39	91.92.242.228:443	Remcos		whoamix302
2026-04-25 14:39	83.142.209.58:8081	Remcos		whoamix302
2026-04-25 14:39	173.211.46.145:9000	SectopRAT	1xxbot ArechClient SectopRAT	whoamix302
2026-04-25 14:39	valehar.nov3liren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	hyper-inv0ice.miv4soren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	sknrzs3z.miv4soren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	zrkjvdly.podfdch.com	FAKEUPDATES	SocGholish	varysz
2026-04-25 14:39	sermarkos.miv4soren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	del1v-graph.dex7lavel.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	planrec.bexla2rin.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	colocip.bexla2rin.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	kelcoreos9.dex7lavel.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	3nzy-layer.qiv9moren.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	bundleform.bexla2rin.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	publishbark.zex3liron.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	velmesh7ix.zex3liron.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	https://ledger.eu.com/ledger-live-desktop.exe	Unknown malware		ninjacatcher
2026-04-25 14:39	igotnofriendsonlineorirl-imgonnakmslmao.skyhanni.cloud	Unknown malware	DoubleFantasy Gibberish LiteLLM payload teampcp telnyx	johannes
2026-04-25 14:39	pixe2-zone.zex3liron.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	f4ct0ry-mark.zex3liron.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:39	rain-line.rax5pavel.in.net	ClearFake	25April2026 ClearFake Commandline Windows	Gi7w0rm
2026-04-25 14:35	reagentcore.sylo8mer.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 14:29	dealparc.sylo8mer.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 14:23	l1ch-mesh.rax5pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 14:21	47.94.167.171:7777	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-04-25 14:21	39.97.233.222:7777	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-04-25 14:21	8.136.97.98:8081	Cobalt Strike	CobaltStrike cs-watermark-391144938	abuse_ch
2026-04-25 14:18	107.189.17.214:443	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-04-25 14:18	80.78.30.153:443	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-04-25 14:17	124.222.75.188:443	Cobalt Strike	CobaltStrike cs-watermark-100000	abuse_ch
2026-04-25 14:10	campa-fla.rax5pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 13:59	formtrai.rax5pavel.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 13:56	suapagina1.com.br	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 13:53	m17e.rax5pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 13:48	quorlineex.rax5pavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 13:30	bradley.cyber-demo-client-website1.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 13:24	tr4ck7-plate.zex3liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 13:17	quorforgeet6.zex3liron.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 13:13	zeermoda.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 13:05	zakateksmaku.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 13:00	4wjh4hoo.qiv9moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 12:54	quormesh1os.qiv9moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 12:48	sng2kb.qiv9moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 12:41	www.tabaccheriadavino.com	StrelaStealer	StrelaStealer	threatcat_ch
2026-04-25 12:37	6z3dyra.qiv9moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 12:31	https://wgw.gessoflex.com.br/	Vidar	Vidar	crep1x
2026-04-25 12:31	wgw.gessoflex.com.br	Vidar	Vidar	crep1x
2026-04-25 12:27	boostmanifest.qiv9moren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 12:21	eamo.bexla2rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 12:11	fl4rn2-phase.bexla2rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 12:06	bundleform.bexla2rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 11:53	f0cu-grid.bexla2rin.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 11:39	workersolar.dex7lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 11:33	kel-marken.dex7lavel.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 11:20	mer-meshis.dex7lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 11:05	summiceda.dex7lavel.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 10:59	validatorgri.miv4soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 10:48	gpfour4.miv4soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 10:29	fjtx.miv4soren.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 10:16	rockconvoy.kymle1rax.in.net	ClearFake	ClearFake	threatcat_ch
2026-04-25 10:10	firmwa7-point.to9varon.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 10:05	bytehard.sylo6mer.in.net	ClearFake	ClearFake	Anonymous
2026-04-25 09:46	dpcr.qiv2moren.in.net	ClearFake	ClearFake	threatcat_ch