ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://dapala.net/c26bfdb7-9d8d-5112-b0ca-52773be2ed3b.

Database Entry

IOC ID:	1783930
IOC:	https://dapala.net/c26bfdb7-9d8d-5112-b0ca-52773be2ed3b
IOC Type :	url
Threat Type :	botnet_cc
Malware:	IClickFix
Confidence Level :	Confidence level is high (100%)
Is compromised? :	False
ASN:	AS62904 AS62904
Country:	US
First seen:	2026-04-11 07:05:58 UTC
Last seen:	never
UUID:	281766ff-34fe-11f1-9af6-42010aa4000a
Reporter	Lenny_3BO
Reward	5 credits from ThreatFox
Tags:	c2 CastleLoader ClickFix

Lenny_3BO

CastleLoader C2 endpoint. WinHTTP POST binary protocol. Campaign GUID 2cd5619d-1ca4-5b19-ab54-fdd124d0258a. Delivered via ClickFix finger protocol chain. CPUID VM detection, CIS language gate, UAC bypass, cmd/PowerShell execution.