ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain automaxusedcars.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1773546
IOC: automaxusedcars.com
IOC Type :domain
Threat Type :payload_delivery
Malware: Unknown malware
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS49791 AS-3HCLOUD
Country:- US
First seen:2026-03-22 18:02:19 UTC
Last seen:never
UUID:737f125f-25ac-11f1-9af6-42010aa4000a
Reporter Lenny_3BO
Reward 5 credits from ThreatFox
Tags:ClickFix msiexec WordPress

Avatar
Lenny_3BO
Compromised WordPress car dealership serving dual ClickFix plugins (cf-security-shield and ckk). Clipboard injection via fake Cloudflare captcha, Win+R instructions, 6-language lure kit. Delivers MSI payloads via msiexec.