{
    "id": "1559846",
    "ioc": "app.kefel.tech",
    "ioc_type": "domain",
    "threat_type": "botnet_cc",
    "malware": "win.spica",
    "malware_printable": "SPICA",
    "malware_alias": null,
    "confidence_level": "50",
    "first_seen": "2025-07-24 06:28:42 UTC",
    "last_seen": null,
    "reporter": null,
    "reference": "https:\/\/medium.com\/@knownascipher\/kefel-io-friends-coldriver-c-c-infrastructure-report-84aa041b141a",
    "threatfox_link": "https:\/\/threatfox\/ioc\/1559846",
    "tags": [
        "apk",
        "APT",
        "c2",
        "CryptoScam",
        "exe",
        "FakeCryptoDashboard",
        "Fast-Flux",
        "NodeJS",
        "PQ-Hosting",
        "RussianAPT",
        "SSLReuse"
    ]
}