{
    "id": "1508959",
    "ioc": "regular.ptbaconsulting.com",
    "ioc_type": "domain",
    "threat_type": "botnet_cc",
    "malware": "js.fakeupdates",
    "malware_printable": "FAKEUPDATES",
    "malware_alias": "FakeUpdate,GhoLoader,SocGholish",
    "confidence_level": "50",
    "first_seen": "2025-04-20 13:56:45 UTC",
    "last_seen": null,
    "reporter": null,
    "reference": "https:\/\/documents.trendmicro.com\/assets\/txt\/IOC-List---SocGholish-to-RansomhubRyWU7lB.txt",
    "threatfox_link": "https:\/\/threatfox\/ioc\/1508959",
    "tags": [
        "c2",
        "fakeupdates",
        "RansomHub",
        "SocGholish"
    ]
}