ThreatFox IOC Database
You are viewing the ThreatFox database entry for domain tg.nm48.com.
Database Entry
| IOC ID: | 1739237 |
|---|---|
| IOC: | tg.nm48.com |
| IOC Type : | domain |
| Threat Type : | botnet_cc |
| Malware: | ValleyRAT |
| Malware alias: | Winos |
| Confidence Level : | Confidence level is elevated (75%) |
| Is compromised? : | False |
| ASN: | AS151185 CT-XIANGYANG-IDC2 |
| Country: |  CN |
| First seen: | 2026-01-30 22:26:26 UTC |
| Last seen: | 2026-02-14 16:01:44 UTC |
| UUID: | b78c3b7c-fe2a-11f0-a8b1-42010aa4000a |
| Reporter |  abuse_ch |
| Reward | 5 credits from ThreatFox |
| Tags: | valleyrat_s2 |
| Reference: | https://bazaar.abuse.ch/sample/fd7ba89670c0b89e31619074d75089487012e4492b3319b2c418a6fe2dc22b1e/ |