ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain www.heroplu.xyz.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1680566
IOC: www.heroplu.xyz
IOC Type :domain
Threat Type :botnet_cc
Malware: Formbook
Malware alias:win.xloader
Confidence Level : Confidence level is moderate (50%)
Is compromised? : False
ASN:AS22612 NAMECHEAP-NET
Country:- US
First seen:2025-12-16 06:59:13 UTC
Last seen:2026-02-12 10:47:29 UTC
UUID:ba93881a-da4c-11f0-9957-42010aa4000a
Reporter juroots
Reward 5 credits from ThreatFox
Tags:c2 Formbook