ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

1'008

IOCs shared (past 24 hours)

Vidar

Most seen malware family (past 24 hours)

1'680'215

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-05-11 03:15	https://aeroflexsealing.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-11 02:15	holidayonid.com.co	AsyncRAT	asyncrat	abuse_ch
2026-05-11 02:15	cooltool.jp.net	AsyncRAT	asyncrat	abuse_ch
2026-05-11 00:27	testerlau.lat	Unknown Webinject	ErrTraffic	Gi7w0rm
2026-05-10 23:45	150.158.109.61:9090	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-10 23:45	112.213.106.53:18443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-10 23:16	robodomain.sbs	Unknown malware	ErrTraffic	Gi7w0rm
2026-05-10 21:36	199.247.14.16:5000	Unknown malware	ChromeExtension glassworm RAT	Gi7w0rm
2026-05-10 21:36	199.247.14.16:10000	Unknown malware	ChromeExtension glassworm RAT	Gi7w0rm
2026-05-10 21:36	199.247.14.16:80	Unknown malware	ChromeExtension glassworm RAT	Gi7w0rm
2026-05-10 20:41	ok99.jp.net	AsyncRAT	asyncrat	abuse_ch
2026-05-10 20:20	http://marconiliqhting.com/emma/encode.php	Loki Password Stealer (PWS)	Loki	abuse_ch
2026-05-10 19:44	64.23.231.32:9001	Sliver	drb-ra sliver	abuse_ch
2026-05-10 19:44	5.78.110.145:7989	DanaBot	DanBot drb-ra	abuse_ch
2026-05-10 19:44	46.109.239.103:8808	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-10 19:44	44.206.172.239:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-10 19:44	31.57.184.154:443	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-10 19:44	24.134.4.221:4714	NetSupportManager RAT	drb-ra NetSupport RAT	abuse_ch
2026-05-10 19:43	209.99.188.44:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-10 19:43	195.123.240.236:443	RansomHub	drb-ra RansomHub	abuse_ch
2026-05-10 19:43	195.123.240.236:8274	RansomHub	drb-ra RansomHub	abuse_ch
2026-05-10 19:43	189.34.188.6:5406	NetSupportManager RAT	drb-ra NetSupport RAT	abuse_ch
2026-05-10 19:43	189.34.188.6:5407	NetSupportManager RAT	drb-ra NetSupport RAT	abuse_ch
2026-05-10 19:43	178.16.55.171:444	Eye Pyramid	drb-ra EyePyramid	abuse_ch
2026-05-10 19:43	178.105.40.204:443	Havoc	drb-ra Havoc	abuse_ch
2026-05-10 19:43	138.9.237.106:8015	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-10 19:43	130.49.214.74:50194	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-10 18:57	1net.ro	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	1sttxreversemtg.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	allstartsealing.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	alnuric.org	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	aplikasigerhanatoto1.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	av-automotive.be	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	ayuntamientodeyecora.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	b2b.castorsunglasses.es	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	belindabuck.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	berylsegerschronicles.com.au	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	biopelletuab.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:57	boilermill.com.br	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	buktijpilmu.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	centralathleticfoundation.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	ciphercodersweb.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	cofeusa.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	columbusisles.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	compraway.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	copierondemand.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	dipfeed.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	diversidadecatolica.com.br	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	drisdellehomes.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	easttechnicalstudio.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	eltransistorgranada.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	energyarts.com.br	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	foresightedtech.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	gazaltours.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	goldenlifemanor.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	greyandbold.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	gustavogorriaran.com.uy	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	heachang.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	hijamawala.co.uk	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	hudaaldosari.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	hzarchitects.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	ianvance.co.uk	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	ideaverdegolf.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	infodehrifcam.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	inspiredassistance.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	jeepbastard.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	jessicaassociates.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	josdream.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	kawamawidows.org	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	kkg-wehofen.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	ktgafurov.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	lamusedurres.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	laforetfestas.com.br	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	lifemagazine.nl	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	lkexcellence.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	lombardoautomotive.it	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	loveworldvirtualchurch.org.uk	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	m1-ma.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	makecontractorsgreatagain.net	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	mamaspusties.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	miariym.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	mkscoffee.co.uk	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	mnpermlighting.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	njfamilyphotography.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	nmv-contruction.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	novacarnes.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	ontronics.co.uk	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	pastquestion.com.ng	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	patrafoam.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	philadelphiarestorationservices.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	pool.sprecher-akademie.at	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:56	prediksitaysen88.cloud	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	proplayuk.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	qblicense.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	quotient-capital.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	riodomedia.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	safa71.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	safeguardips.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	sapienharvest.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	scalp-coiffure.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	shivshankarexp.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	simicenter.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	sinte.cl	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	staybadparamotor.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	tcwaremmien.be	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	totaaldiscounter.nl	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	tramproject.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	viccidinivillas.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	vipeshome.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	winesportbet.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	yogaonthewallkill.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	yourgreendreams.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:55	zofianatra.com	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:54	110.41.76.236:8888	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-05-10 18:53	87.121.89.170:80	Cobalt Strike	CobaltStrike cs-watermark-987654321	abuse_ch
2026-05-10 18:53	38.147.170.246:443	Cobalt Strike	CobaltStrike cs-watermark-666666666	abuse_ch
2026-05-10 18:50	zsyp.cn.com	AsyncRAT	asyncrat	abuse_ch
2026-05-10 18:50	wplog.jp.net	AsyncRAT	asyncrat	abuse_ch
2026-05-10 18:50	roofing.gb.net	AsyncRAT	asyncrat	abuse_ch
2026-05-10 18:50	deepsteam.sa.com	AsyncRAT	asyncrat	abuse_ch
2026-05-10 18:50	admingdtg.vn	AsyncRAT	asyncrat	abuse_ch
2026-05-10 18:50	aliexpress.us.com	XWorm	XWorm	abuse_ch
2026-05-10 18:48	api.portimaloter.com	FAKEUPDATES	SocGholish	threatcat_ch
2026-05-10 18:46	aviastore.it	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	varysz
2026-05-10 18:42	172.233.46.13:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.235.160.166:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.239.238.87:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.239.238.115:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.239.238.125:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.239.238.148:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.239.238.152:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.235.160.185:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.233.46.59:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	172.239.238.254:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:42	https://donutsmpcheat.com/	Unknown malware	WeedHack	burger
2026-05-10 18:42	https://donutsmpcheat.com/downloads/kryptonite-cracked.jar	Unknown malware	WeedHack	burger
2026-05-10 18:42	https://donutsmpcheat.com/downloads/float-client.jar	Unknown malware	WeedHack	burger
2026-05-10 18:42	https://donutsmpcheat.com/downloads/solar-client.jar	Unknown malware	WeedHack	burger
2026-05-10 18:42	https://donutsmpcheat.com/downloads/xenon-cracked.jar	Unknown malware	WeedHack	burger
2026-05-10 18:42	https://donutsmpcheat.com/downloads/meteor-client.jar	Unknown malware	WeedHack	burger
2026-05-10 18:42	bahaisda.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	privahtc.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	brakyfaw.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	fourdigs.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	straigxo.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	honceybl.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	mexzicaj.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	carytui.vu	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	genxetia.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	heavywbp.cyou	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	pomflgf.vu	Lumma Stealer	domain Lumma Lumma Stealer stealer	RacWatchin8872
2026-05-10 18:42	129.211.2.123:443	Cobalt Strike	45090 c2 censys Cobalt Strike	sojubear
2026-05-10 18:42	64.176.36.41:443	Cobalt Strike	20473 c2 censys Cobalt Strike	sojubear
2026-05-10 18:42	193.112.165.165:8081	Cobalt Strike	45090 c2 censys Cobalt Strike	sojubear
2026-05-10 18:42	38.147.170.246:80	Cobalt Strike	139659 c2 censys Cobalt Strike	sojubear
2026-05-10 18:42	1.92.101.103:8099	Cobalt Strike	55990 c2 censys Cobalt Strike	sojubear
2026-05-10 18:42	51.49.154.73:28080	Meterpreter	16509 c2 censys MetaSploit	sojubear
2026-05-10 18:42	18.61.24.85:3260	Meterpreter	16509 c2 censys MetaSploit	sojubear
2026-05-10 18:42	15.152.97.87:2405	Meterpreter	16509 c2 censys MetaSploit	sojubear
2026-05-10 18:42	3.11.8.247:48294	Meterpreter	16509 c2 censys MetaSploit	sojubear
2026-05-10 18:42	49.228.131.165:2423	Quasar RAT	133481 c2 censys quasar	sojubear
2026-05-10 18:42	13.53.214.62:2380	Meterpreter	16509 c2 censys MetaSploit	sojubear
2026-05-10 18:42	https://menangmulu.jp.net/	Nanocore RAT	exe NanoCore RAT	cleanabuseweb
2026-05-10 18:41	https://www.menangmulu.jp.net/	Nanocore RAT	exe NanoCore RAT	cleanabuseweb
2026-05-10 18:41	https://transactions-service.fr/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:41	38.210.210.16:443	Unknown malware	banker brazilian-banker dotNET hetzner mexico sky_blackrock skywalker	Lenny_3BO
2026-05-10 18:41	65.109.55.181:443	Unknown malware	banker brazilian-banker dotNET hetzner mexico sky_blackrock skywalker	Lenny_3BO
2026-05-10 18:41	178.156.225.48:443	Unknown malware	banker brazilian-banker dotNET hetzner mexico sky_blackrock skywalker	Lenny_3BO
2026-05-10 18:40	http://8.218.254.115:9999/supershell/login/	Unknown malware	AS45102 Supershell	antiphishorg
2026-05-10 18:40	8.218.254.115:9999	Unknown malware	AS45102 Supershell	antiphishorg
2026-05-10 18:40	172.235.182.55:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.235.182.77:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.233.43.79:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.235.182.100:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.233.43.32:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.235.182.79:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.235.182.4:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.235.182.110:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.235.182.64:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.235.182.112:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	https://abkhajjandumrah.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	https://aaml.co.uk/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	https://playgamesonline.in.net:54984	Nanocore RAT	NanoCore RAT	cleanabuseweb
2026-05-10 18:40	http://144.48.124.90:5000/supershell/login/	Unknown malware	AS132839 POWER LINE DATACENTER Supershell	antiphishorg
2026-05-10 18:40	144.48.124.90:5000	Unknown malware	AS132839 POWER LINE DATACENTER Supershell	antiphishorg
2026-05-10 18:40	https://centraldepropaganda.com.br/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	https://castlebridgeng.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	https://blumennorden.cl/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	176.65.139.183:9506	Mirai	Mirai	seckle
2026-05-10 18:40	https://engetrina.com.br/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	https://eduagentic.ai/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	https://drdservices.ca/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:40	193.221.201.244:33334	RedLine Stealer	RedLine	Silentium
2026-05-10 18:40	172.235.166.249:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.239.233.188:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:40	172.233.44.73:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.239.233.203:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.233.61.175:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.233.61.189:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.239.233.162:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.233.49.140:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.235.166.230:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	7d7948005af45b2fbc59a20c266ffd70f584d0fba1a28e048bd9994ad9353bdb	VShell	c2 Loader Vshell	Lenny_3BO
2026-05-10 18:39	http://43.142.51.69:8002	VShell	c2 Loader Vshell	Lenny_3BO
2026-05-10 18:39	43.142.51.69:443	VShell	c2 Loader Vshell	Lenny_3BO
2026-05-10 18:39	172.233.45.171:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	https://gimarystore.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:39	https://forttis-courtage.ch/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:39	https://www.gmi-industries.com/	Unknown malware	ClickFix	CarsonWilliams
2026-05-10 18:39	donutsmpcheat.com	Unknown malware	WeedHack	burger
2026-05-10 18:39	462da039980a8f166fbd27d15437fa093ab9c369ba13055d7fad90bf3b9d1627	Nanocore RAT	exe NanoCore RAT	cleanabuseweb
2026-05-10 18:39	helper.zulipchat.com	Unknown malware	ZiChatBot	johannes
2026-05-10 18:39	172.235.175.47:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.235.175.137:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	http://108.59.252.214/9290546939c94eebbdb2.php	Stealc	c2 Loader modo Stealc stealer	Bitsight
2026-05-10 18:39	172.235.175.121:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.233.46.84:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.235.175.103:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.235.175.67:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.235.175.53:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	172.235.175.62:25001	Kimwolf	c2 kimwolf	Bitsight
2026-05-10 18:39	https://www.paperrig.store/	Unknown malware	WeedHack	burger
2026-05-10 18:39	cruch.online	Unknown malware	c2	burger
2026-05-10 18:39	178.208.87.109:443	Unknown malware	c2	burger
2026-05-10 18:39	9be2cd1308cfbb403db283c6fa1ac0aa37cdbe301e3768804170420c4a3ae38b	Nanocore RAT	eazfuscator Keylogger NanoCore persistence RAT spreader stealer vbnet	LucasADI
2026-05-10 18:38	144.48.124.94:8888	Unknown malware	AS132839 POWER LINE DATACENTER Supershell	antiphishorg
2026-05-10 18:38	http://144.48.124.94:8888/supershell/login/	Unknown malware	AS132839 POWER LINE DATACENTER Supershell	antiphishorg
2026-05-10 18:38	http://144.48.124.92:8888/supershell/login/	Unknown malware	AS132839 POWER LINE DATACENTER Supershell	antiphishorg
2026-05-10 18:38	144.48.124.92:8888	Unknown malware	AS132839 POWER LINE DATACENTER Supershell	antiphishorg
2026-05-10 18:20	mestizo.co.com	Quasar RAT	quasar	abuse_ch
2026-05-10 18:20	7mcn.cyou	Quasar RAT	quasar	abuse_ch
2026-05-10 18:05	situsslotqris.jp.net	AsyncRAT	asyncrat	abuse_ch
2026-05-10 18:05	qh88sun.com	AsyncRAT	asyncrat	abuse_ch
2026-05-10 18:05	123b-jp.com	AsyncRAT	asyncrat	abuse_ch
2026-05-10 17:47	opsmgr.data-core-logic.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:46	extnetprox.devharbor.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 17:43	cpuprocessormgr.data-core-logic.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:41	pkgrunstat.devharbor.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 17:38	vpsrun.data-core-logic.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:37	modbusdata.devharbor.pics	ClearFake	ClearFake	Anonymous
2026-05-10 17:34	dnswebsrvs.data-core-logic.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:32	srcgetproc.devharbor.pics	ClearFake	ClearFake	Anonymous
2026-05-10 17:30	devbits.global-net-admin-service.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:27	ftpsrv.pixelmesh.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:23	libsyspathview.pixelmesh.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:21	api.global-net-admin-service.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:18	jobadm.pixelmesh.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:15	webcdnstat.global-net-admin-service.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:15	https://peoples-bridge.job-bank.co.uk/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-10 17:14	rawdatamapping.pixelmesh.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:11	srvnode.global-net-admin-service.wiki	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:10	zipark.pixelmesh.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:06	ftpsrv.framevector.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 17:04	metaltscfgmgr.logicframe.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 17:01	libsyspathview.framevector.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:56	apidocserv.logicframe.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:55	jobadm.framevector.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:51	dbinst.logicframe.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:50	rawdatamapping.framevector.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 16:46	skyvpnnodehub.logicframe.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:44	zipark.framevector.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:39	cmdset.logicframe.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 16:39	metaltscfgmgr.systemforge.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:34	sshbin.cloudstack.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 16:34	apidocserv.systemforge.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:28	sslkeybasepoint.cloudstack.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 16:27	dbinst.systemforge.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:23	getcfghub.cloudstack.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 16:22	skyvpnnodehub.systemforge.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 16:17	ipnodeclisys.cloudstack.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:16	cmdset.systemforge.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 16:12	hotfix.cloudstack.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:11	sshbin.cryptowave.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 16:06	topsvc.bytevector.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:51	run.bytevector.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:50	fix.cryptowave.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:48	opsmgr.bytevector.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:48	sslkeybasepoint.cryptowave.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:44	cpuprocessormgr.bytevector.pics	ClearFake	ClearFake	Anonymous
2026-05-10 15:43	getcfghub.cryptowave.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:39	vpsrun.bytevector.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:38	ipnodeclisys.cryptowave.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:34	hotfix.cryptowave.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:34	dnswebsrvs.bytevector.pics	ClearFake	ClearFake	Anonymous
2026-05-10 15:30	devbits.kernelshift.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:28	topsvc.datashift.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:24	logmanagementsys.kernelshift.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:24	opsmgr.datashift.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:20	api.kernelshift.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:20	cpuprocessormgr.datashift.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:13	webcdnstat.kernelshift.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 15:13	vpsrun.datashift.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:06	srvnode.kernelshift.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:06	dnswebsrvs.datashift.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 15:00	optirni-cast.scriptmesh.ink	ClearFake	ClearFake	Anonymous
2026-05-10 14:58	devbits.stackpulse.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 14:53	civicvehicl.scriptmesh.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:51	logmanagementsys.stackpulse.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 14:47	designdepot.scriptmesh.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:44	api.stackpulse.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:41	vita-not.scriptmesh.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 14:41	vita-not.scriptmesh.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:38	webcdnstat.stackpulse.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:34	n0df7.kernelgrid.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:31	srvnode.stackpulse.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:27	dynmark0on.kernelgrid.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:21	sol-tideen.kernelgrid.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 14:16	businessland.io	Nanocore RAT	NanoCore	abuse_ch
2026-05-10 14:14	v1si-sync.kernelgrid.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:07	2784kns.kernelgrid.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 14:01	2qjub.logicstack.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 13:56	macroloop.logicstack.ink	ClearFake	ClearFake	Anonymous
2026-05-10 13:51	njrwmhh.cyberframe.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:48	ftscfs.logicstack.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:45	m3rg0-sync.cyberframe.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 13:42	beartrend.logicstack.ink	ClearFake	ClearFake	Anonymous
2026-05-10 13:39	pipelinegrim.cyberframe.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 13:35	wamemd.logicstack.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:32	velmeshix.cyberframe.lat	ClearFake	ClearFake	Anonymous
2026-05-10 13:28	solnex3et.cybernode.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:25	tal-valeum.cyberframe.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:22	netvvork-hinge.cybernode.ink	ClearFake	ClearFake	Anonymous
2026-05-10 13:19	b4nne-hinge.kernelwave.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:15	swanresolver.cybernode.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:12	ancientshadow.kernelwave.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:08	networ2-forge.scriptmesh.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 13:06	vorcore2ix.kernelwave.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 13:02	traminve.cloudvector.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:59	h04c.kernelwave.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:53	geo-illurne.cloudvector.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:52	78fm.kernelwave.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:46	vvh3el-crest.cloudvector.ink	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:45	tracke-signal.cryptostack.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:39	heathergent.cloudvector.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:39	conv-wagon.cryptostack.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:32	wlr33mz.cloudvector.ink	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:32	tre75.cryptostack.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:29	7dml.netstack.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:26	5md3.netstack.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:23	thornbanner.cryptostack.lat	ClearFake	ClearFake	Anonymous
2026-05-10 12:19	5ccj6.netstack.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:16	trimark5ar.cryptostack.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:13	forefern.pixelnode.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:09	lkkgv50r.logicbyte.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:06	coreshield.pixelnode.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 12:04	hyper-c0ra.logicbyte.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 12:00	aghw.pixelnode.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:56	2t1ridv.logicbyte.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:53	vocalpro.pixelnode.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:50	curio-garde.logicbyte.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:47	dynven3um.pixelnode.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:43	vornexal5.logicbyte.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:42	quortideis.cloudmesh.lat	ClearFake	ClearFake	Anonymous
2026-05-10 11:37	northglyp.devmatrix.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:35	videosparrow.cloudmesh.lat	ClearFake	ClearFake	Anonymous
2026-05-10 11:30	offermedia.devmatrix.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:29	bay-loyal.cloudmesh.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 11:24	proto-s0uth.cloudmesh.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 11:24	woodcora.devmatrix.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:17	hyper-w4ve.cloudmesh.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:17	torrentlabel.devmatrix.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:16	protecttar.bytegrid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 11:10	ht7sq.devmatrix.lat	ClearFake	ClearFake	Anonymous
2026-05-10 11:10	lfmfi.bytegrid.lat	ClearFake	ClearFake	Anonymous
2026-05-10 11:04	sercresta.mongofixcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 11:03	narr-isl.bytegrid.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 11:01	5pruce-hold.bytegrid.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:57	aligalpha.mongofixcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:54	dynmarkal.codeflux.lat	ClearFake	ClearFake	Anonymous
2026-05-10 10:51	kelven7or.mongofixcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:47	cryptovault.codeflux.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:45	142.171.172.100:17443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-10 10:45	api.apifox.top	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-05-10 10:44	pway7.mongofixcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:41	zirviss9.codeflux.lat	ClearFake	ClearFake	Anonymous
2026-05-10 10:37	5tone-mesh.mongofixcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:34	queu-scan.codeflux.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:31	gentletide.setqueueat.lat	ClearFake	ClearFake	Anonymous
2026-05-10 10:28	lvbj1i51.codeflux.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:25	bloom7-hinge.setqueueat.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:21	shipdem.lipshellcore.lat	ClearFake	ClearFake	Anonymous
2026-05-10 10:20	perspectives-family.org	Nanocore RAT	NanoCore	abuse_ch
2026-05-10 10:18	si1e-branch.setqueueat.lat	ClearFake	ClearFake	Anonymous
2026-05-10 10:15	script1-gate.lipshellcore.lat	ClearFake	ClearFake	Anonymous
2026-05-10 10:11	oakbalancer.setqueueat.lat	ClearFake	ClearFake	Anonymous
2026-05-10 10:08	boosmars.lipshellcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 10:05	anchorfreigh.setqueueat.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 10:02	98ykbe5.lipshellcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:59	solspireex3.queuedimsys.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 09:55	quer-graph.lipshellcore.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:52	assetprotect.queuedimsys.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:49	r3age8-index.lipshellcore.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 09:45	sub-vit4.queuedimsys.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:44	57.158.27.132:8080	Sliver	drb-ra sliver	abuse_ch
2026-05-10 09:44	43.133.149.36:18080	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-10 09:43	207.56.2.25:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-10 09:43	198.23.185.234:7707	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-10 09:43	194.26.192.229:50	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-05-10 09:43	192.159.99.183:8080	Evilginx	drb-ra EvilGinx EvilGoPhish	abuse_ch
2026-05-10 09:43	179.43.134.189:9968	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-05-10 09:43	175.27.164.136:7443	Unknown malware	drb-ra Mythic	abuse_ch
2026-05-10 09:43	172.245.152.57:443	Havoc	drb-ra Havoc	abuse_ch
2026-05-10 09:42	casual-trail.mixzipcore64.lat	ClearFake	ClearFake	Anonymous
2026-05-10 09:36	arktide8ex.queuedimsys.lat	ClearFake	ClearFake	Anonymous
2026-05-10 09:35	warmhar.mixzipcore64.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:29	209id.queuedimsys.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:29	not1fie-mesh.mixzipcore64.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 09:23	rainstudio.userssawtone.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:22	bandwid-route.mixzipcore64.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:16	talnex5on.userssawtone.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 09:16	granitebroad.mixzipcore64.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:16	granitebroad.mixzipcore64.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 09:10	gxyuad.userssawtone.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 09:09	tide6-well.mixzipcore64.lat	ClearFake	ClearFake	Anonymous
2026-05-10 09:03	mervaleet.userssawtone.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 09:03	cry5t4-stream.wetshardauth.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:57	gr1m-mark.userssawtone.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:56	quormark2et.wetshardauth.lat	ClearFake	ClearFake	Anonymous
2026-05-10 08:49	channe-grid.wetshardauth.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:47	optwebnode.softnetworkset.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:44	5pr0-span.wetshardauth.lat	ClearFake	ClearFake	Anonymous
2026-05-10 08:40	usrgrpstat.softnetworkset.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:36	banb3.wetshardauth.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:34	vmlistview.softnetworkset.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:30	honestshape.wetshardauth.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:27	sshproserv.softnetworkset.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:23	vel-fluxix.didoprotecauth.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:20	tcpconpath.softnetworkset.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:17	sens-ring.didoprotecauth.lat	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:14	netmanproc.softnetworkset.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:10	gey5-reach.didoprotecauth.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:07	syskeypath.logicstackhub.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 08:04	hz1v.didoprotecauth.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 08:01	webdocserv.logicstackhub.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:57	sermesh7um.didoprotecauth.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 07:54	appsrchcli.logicstackhub.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 07:52	ujkj.didoprotecauth.lat	ClearFake	ClearFake	threatcat_ch
2026-05-10 07:49	logbinnode.logicstackhub.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:46	xml.webdatapoint.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:43	apiopsstat.logicstackhub.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 07:41	proc.webdatapoint.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:38	gitlabhubs.logicstackhub.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 07:35	proxysserv.infrapointbase.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 07:30	tmpdirsetsys.webdatapoint.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:29	lanhoppath.infrapointbase.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:24	sshbin.webdatapoint.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:24	subclidata.infrapointbase.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 07:18	bitkitmaps.infrapointbase.pics	ClearFake	ClearFake	Anonymous
2026-05-10 07:13	getcfghub.webdatapoint.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:12	envsetproc.infrapointbase.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:06	ipnodeclisys.webdatapoint.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:06	doclabutil.infrapointbase.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:01	hotfix.webdatapoint.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 07:01	syncitnode.cloudprocmgr.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 06:54	ioflowpath.cloudprocmgr.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 06:49	taskidview.cloudprocmgr.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 06:43	comwebstat.cloudprocmgr.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 06:37	refidcorex.cloudprocmgr.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 06:31	autboxserv.cloudprocmgr.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 06:25	domregutil.datalinkservice.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 06:20	׏}	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 06:19	pwrlogview.datalinkservice.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 06:14	extnetprox.datalinkservice.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 06:08	pkgrunstat.datalinkservice.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 06:02	modbusdata.datalinkservice.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 05:57	srcgetproc.datalinkservice.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 05:50	uidmapbits.webstackengine.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 05:44	ftpsrvnode.webstackengine.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 05:38	libsyspath.webstackengine.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 05:33	jobadmmgrs.webstackengine.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 05:27	rawdatamap.webstackengine.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 05:22	ziparkview.webstackengine.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 05:16	osbasesyst.nodesystemcore.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 05:15	hm88athen.com	AsyncRAT	asyncrat	abuse_ch
2026-05-10 05:15	jogoforuma.com	AsyncRAT	asyncrat	abuse_ch
2026-05-10 05:11	metaltscfg.nodesystemcore.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 05:06	apidocserv.nodesystemcore.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 05:00	dbinstlist.nodesystemcore.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 04:55	skyvpnnode.nodesystemcore.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 04:48	cmdsetproc.nodesystemcore.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:43	tmpdirsets.techopsruntime.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:37	syslink.cloudflowops.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:37	sshbinpath.techopsruntime.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 04:29	cmd.cloudflowops.co	ClearFake	ClearFake	Anonymous
2026-05-10 04:29	sslkeybase.techopsruntime.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:23	metaviewhub.cloudflowops.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:23	getcfghubs.techopsruntime.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 04:18	sync.cloudflowops.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:18	ipnodeclis.techopsruntime.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 04:15	https://eltahdamexploration.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-05-10 04:12	flowmaster.cloudflowops.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:11	hotfixpack.techopsruntime.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:06	cloud.cloudflowops.co	ClearFake	ClearFake	Anonymous
2026-05-10 04:06	bitfoxcore.coderworkflow.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 04:01	bitfoxcoreunit.cloudflowops.co	ClearFake	ClearFake	Anonymous
2026-05-10 04:00	topsvcutil.coderworkflow.pics	ClearFake	ClearFake	threatcat_ch
2026-05-10 03:55	topsvc.cloudflowops.co	ClearFake	ClearFake	Anonymous
2026-05-10 03:54	opsmgrsvcs.coderworkflow.pics	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 03:48	opsmgr.cloudflowops.co	ClearFake	10May2026 ClearFake Commandline Windows	Gi7w0rm
2026-05-10 03:48	cpuprosmgr.coderworkflow.pics	ClearFake	ClearFake	threatcat_ch