ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain win678.ru.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1691985
IOC: win678.ru.com
IOC Type :domain
Threat Type :botnet_cc
Malware: AsyncRAT
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS13335 CLOUDFLARENET
Country:- US
First seen:2026-01-06 10:10:42 UTC
Last seen:2026-01-06 12:50:56 UTC
UUID:f5730522-eae7-11f0-9957-42010aa4000a
Reporter abuse_ch
Reward 10 credits from wance
Tags:asyncrat
Reference: https://bazaar.abuse.ch/sample/01139818cc4f023f50dfa34b471e6440f097d05a767d72e7f5cf129cc1b7f3b1/

Avatar
abuse_ch
asyncrat botnet C2 on port 443 TCP