ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://cusnick.com/tmp/.

Database Entry

IOC ID:	1590666
IOC:	http://cusnick.com/tmp/
IOC Type :	url
Threat Type :	botnet_cc
Malware:	SmokeLoader
Malware alias:	Dofoil, Sharik, Smoke, Smoke Loader
Confidence Level :	Confidence level is moderate (49%)
Is compromised? :	False
First seen:	2025-09-16 06:48:39 UTC
Last seen:	2026-01-26 18:39:41 UTC
UUID:	aa56b2eb-9254-11f0-bfa6-42010aa4000a
Reporter	johannes
Reward	5 credits from ThreatFox
Reference:	https://www.zscaler.com/blogs/security-research/smokeloader-rises-ashes

SmokeLoader C2, from the ZScaler report "SmokeLoader Rises From the Ashes". See all IOC from that report at https://rosti.bin.re/reports/r5BsP9eH