ThreatFox IOC Database
You are viewing the ThreatFox database entry for domain electrum-near.org.
Database Entry
This IOC expired
This IOC is an old IOC and hence has expired on 2025-12-15 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.
| IOC ID: | 1348646 |
|---|---|
| IOC: | electrum-near.org |
| IOC Type : | domain |
| Threat Type : | payload_delivery |
| Malware: | Unknown malware |
| Confidence Level : | Confidence level is elevated (75%) |
| ASN: | AS9009 M247 |
| Country: |  RO |
| First seen: | 2024-11-28 06:00:58 UTC |
| Last seen: | never |
| UUID: | e9786199-ad1b-11ef-91ae-42010aa4000a |
| Reporter |  boruch |
| Reward | 5 credits from ThreatFox |
| Tags: | DGA infostealer RAT RemoteManipulator rurat stealer trojan |
boruch
domains masquerading as Electrum forks with support for various tokens distributing "pumped" files of 650MB+ to bypass sending files to anti-virus scanners. NOT false-positive. No one domain name have any social media profile / NOT fake GitHub repository.All registered on NameSilo on the same day.