ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain dowindexsp.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1781057
IOC: dowindexsp.com
IOC Type :domain
Threat Type :payload_delivery
Malware: TransferLoader
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS20473 AS-VULTR
Country:- US
First seen:2026-04-06 07:56:18 UTC
Last seen:never
UUID:e19b8441-3027-11f1-9af6-42010aa4000a
Reporter SquiblydooBlog
Reward 5 credits from ThreatFox
Tags:TransferLoader
Reference: https://app.any.run/tasks/f49cd872-6b3d-4207-a651-71e98de22b01

Avatar
SquiblydooBlog
4 day old domain used in 2nd stage of payload as see in the AnyRun analysis. The malware itself was discussed here: https://x.com/SquiblydooBlog/status/2040154250831945772?s=20