################################################################ # ThreatFox IOCs: recent URLs - CSV format # # Last updated: 2024-10-07 08:03:29 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2024-10-07 08:03:29", "1334405", "https://116.203.9.188/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2024-10-07 08:03:08", "1334402", "http://proxy.johnmccrea.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2024-10-07 08:02:58", "1334401", "http://lade.petperfectcare.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2024-10-07 04:50:26", "1334377", "https://methodbojjewkl.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/813159a778ae9c4c5f66cf60ac3b30fc30f6bbf574279c546751a012f906ab40/", "lumma", "0", "abuse_ch" "2024-10-07 03:00:10", "1334365", "https://meritdiveu.site/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/15d15d956b339569bdf7e4bd56cef40da68ca70b789bb3d388fe4124ec04c021/", "lumma", "0", "abuse_ch" "2024-10-07 02:50:17", "1334364", "http://cj46058.tw1.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2024-10-06 19:12:37", "1334335", "https://bemuzzeki.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:09", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:37", "1334336", "https://epiloggati.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:13", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:36", "1334337", "https://exemplarou.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:18", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:36", "1334339", "https://frizzettei.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:32", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:35", "1334338", "https://exilepolsiy.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:24", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:35", "1334340", "https://invinjurhey.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:37", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:34", "1334342", "https://laddyirekyi.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:47", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:34", "1334341", "https://isoplethui.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:42", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 19:12:33", "1334343", "https://wickedneatr.sbs/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-10-06 19:07:54", "100", "https://tria.ge/241006-qhfd9szepg/behavioral2", "Lumma,LummaC2", "1", "MDMCk10" "2024-10-06 17:23:37", "1334330", "https://sergei-esenin.com/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/241006-tfg2vswhkd/behavioral3", "None", "0", "aachum" "2024-10-06 16:20:09", "1334332", "https://creamtaretio.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c65dc95af8c0644e43f707aa137ca785545a8f53a978d2e9303a8d9a464ca12d/", "lumma", "0", "abuse_ch" "2024-10-06 16:15:07", "1334331", "https://lameuotgiwo.store/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2f9ff65ac28a6bf56d69fd669ca4f8f3d675e617ee4c5179a84049d7a4e5c97d/", "lumma", "0", "abuse_ch" "2024-10-06 11:15:32", "1334290", "http://a1022792.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2024-10-06 06:51:56", "1334253", "https://guvenilirislemlershop.com.tr/NGNkNTc3MjllZTM1/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2024-10-06 06:51:54", "1334254", "https://guvenilirmarketingislemler.com.tr/NGNkNTc3MjllZTM1/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2024-10-06 06:51:53", "1334255", "https://guvenilirislemlermarketing.com.tr/NGNkNTc3MjllZTM1/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2024-10-06 06:51:53", "1334256", "https://shopguvenilirislemler.com.tr/NGNkNTc3MjllZTM1/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2024-10-06 06:51:50", "1334252", "https://guvenilirshopislemler.com.tr/NGNkNTc3MjllZTM1/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2024-10-06 06:51:49", "1334251", "https://guvenilirislemler.com.tr/NGNkNTc3MjllZTM1/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2024-10-05 16:45:17", "1334227", "http://194.33.43.197/wordpress/To/ProviderPollgame/datalifeTest/Downloads/videovoiddb3/Request6/1/cpuProcessgameDbTrackDlelocalprivateCentral.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2024-10-05 15:30:43", "1334204", "https://ejectyflay.store/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/185e5a8c2df1478a5b89f66b0b1fd76892c8b7c9a50eb3c10af27b808e5b6181/", "lumma", "0", "abuse_ch" "2024-10-05 12:40:04", "1334200", "http://180.94.33.253:48035/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2024-10-05 12:12:11", "1334191", "https://semurox.com/account.aspx", "url", "botnet_cc", "win.matanbuchus", "None", "Matanbuchus", "2024-10-06 12:55:52", "100", "None", "None", "0", "Bitsight" "2024-10-05 08:55:16", "1333981", "http://492668cm.newnyash.top/ToSecureLowProcessordefaultDatalifeCentral.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" # Number of entries: 30