ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://qxazzilo.top/realm/session-header.js.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1781967
IOC: https://qxazzilo.top/realm/session-header.js
IOC Type :url
Threat Type :payload_delivery
Malware: SmartApeSG
Malware alias:HANEYMANEY, ZPHP
Confidence Level : Confidence level is high (100%)
Is compromised? : True
ASN:AS395092 SHOCK-1
Country:- US
First seen:2026-04-07 06:42:39 UTC
Last seen:never
UUID:7d0b832f-31fc-11f1-9af6-42010aa4000a
Reporter monitorsg
Reward 5 credits from ThreatFox
Tags:SmartApeSG
Reference: https://infosec.exchange/@monitorsg/116359795973514431

Avatar
monitorsg
hXXps://www.ski-snowboardvancouver[.]ca/d.js (injected) --> hXXps://qxazzilo[.]top/realm/session-header.js --> hXXps://qxazzilo[.]top/realm/rate-effect.php --> hXXps://qxazzilo[.]top/realm/legacy-validator.js (clickfix) --> hXXps://zexxario[.]com/health/check (HTA)