ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://193.24.123.18:85/api/.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1801452
IOC: http://193.24.123.18:85/api/
IOC Type :url
Threat Type :botnet_cc
Malware: Anatsa
Malware alias:ReBot, TeaBot, Toddler
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS200593 PROSPERO-AS
Country:- RU
First seen:2026-04-28 07:20:47 UTC
Last seen:2026-04-28 12:21:23 UTC
UUID:d0cac2a8-42d1-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://www.cyberaccord.com/fake-document-reader-on-google-play-with-10k-downloads-installing-anatsa-malware/

Avatar
johannes
Server Anatsa, from the Cyber Accord report "Fake Document Reader On Google Play With 10K Downloads Installing Anatsa Malware". See all IOC from that report at https://rosti.dev/reports/Sxa10U6K