ThreatFox IOC Database
You are viewing the ThreatFox database entry for domain teams-live.com.
Database Entry
This IOC expired
This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.
| IOC ID: | 1392440 |
|---|---|
| IOC: | teams-live.com |
| IOC Type : | domain |
| Threat Type : | payload_delivery |
| Malware: | Cobalt Strike |
| Malware alias: | Agentemis, BEACON, CobaltStrike, cobeacon |
| Confidence Level : | Confidence level is elevated (75%) |
| ASN: | AS50613 ThorDC-AS |
| Country: |  IS |
| First seen: | 2025-01-24 06:41:44 UTC |
| Last seen: | never |
| UUID: | ccb2fc6b-d9de-11ef-a65d-42010aa4000a |
| Reporter |  CyberRaiju |
| Reward |
10 credits from anonymous |
| Reference: | https://x.com/CyberRaiju/status/1882196339569901893 |
CyberRaiju
Fake MS Teams page delivering infostealers and Cobalt Strike:hxxps[://]microsoft[.]teams-live[.]com/en/index[.]html
hxxps[://]microsoft[.]teams-live[.]com/en/download[.]php