################################################################
# ThreatFox IOCs: recent domains - CSV format                  #
# Last updated: 2024-07-26 18:55:50 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2024-07-26 18:55:50", "1303942", "overstockads.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://x.com/Unit42_Intel/status/1684583246032506880", "mythic", "0", "Rony"
"2024-07-26 14:38:00", "1303923", "canroura.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852996552741075", "SmartApeSG", "0", "monitorsg"
"2024-07-26 12:10:15", "1303915", "megasena777.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852516884354593", "SmartApeSG", "0", "monitorsg"
"2024-07-26 07:35:57", "1303908", "talk-saturn.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-26 05:47:52", "1303859", "subtitlez0.duckdns.org", "domain", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://bazaar.abuse.ch/sample/d11d43f66a89e5c08ab3ddaec58ef74a73952c1dffa538b9349f387f8ef611fe/", "SpyNote", "0", "NDA0E"
"2024-07-26 05:47:51", "1303857", "subtitle42.duckdns.org", "domain", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://bazaar.abuse.ch/sample/8c073deb8f9ac1a8f5eee6e9e632d272dccd292f42b515fd4453f192dedbc6f8/", "SpyNote", "0", "NDA0E"
"2024-07-26 05:47:48", "1303864", "thomas-partly.gl.at.ply.gg", "domain", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-26 05:47:46", "1303869", "id-diesel.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-25 16:29:02", "1303630", "soft-download123file.xyz", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2024-07-25 16:29:02", "1303631", "packedbrick.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-25 14:26:11", "1303621", "imc1.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847330018291986", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:08", "1303626", "novidadesfresquinhas.online", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847584114238337", "SmartApeSG", "0", "monitorsg"
"2024-07-25 07:27:03", "1303618", "office-adr.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://x.com/Unit42_Intel/status/1684583246032506880", "mythic", "0", "Rony"
"2024-07-25 06:53:36", "1303582", "troia23.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
# Number of entries: 14