ThreatFox IOC Database
You are viewing the ThreatFox database entry for domain iosninjafisk.com.
Database Entry
This IOC expired
This IOC is an old IOC and hence has expired on 2025-12-07 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.
| IOC ID: | 1198193 |
|---|---|
| IOC: | iosninjafisk.com |
| IOC Type : | domain |
| Threat Type : | botnet_cc |
| Malware: | IcedID |
| Malware alias: | BokBot, IceID |
| Confidence Level : | Confidence level is high (100%) |
| ASN: | AS13335 CLOUDFLARENET |
| Country: |  US |
| First seen: | 2023-11-03 06:55:24 UTC |
| Last seen: | 2023-11-07 13:09:07 UTC |
| UUID: | c2ca69ce-79bc-11ee-bce3-42010aa4000a |
| Reporter | Anonymous |
| Reward | 5 credits from ThreatFox |
| Tags: | CnC IcedID |
Anonymous
Activity related to ICEDID - according to source Cluster25This DOMAIN is used as a CnC by ICEDID. IcedID, a banking trojan, steals business banking credentials, often acting as a loader for other malware. First detected in 2017, it targets North American and UK banks, focusing on corporate accounts and financial services. IcedID continually evolves, using complex web injects to redirect users to replica sites and capture their actions and credentials.