ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://162.252.173.37:85/api/.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1801453
IOC: http://162.252.173.37:85/api/
IOC Type :url
Threat Type :botnet_cc
Malware: Anatsa
Malware alias:ReBot, TeaBot, Toddler
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS9009 M247
Country:- RO
First seen:2026-04-28 07:20:46 UTC
Last seen:never
UUID:d379b1ae-42d1-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://www.cyberaccord.com/fake-document-reader-on-google-play-with-10k-downloads-installing-anatsa-malware/

Avatar
johannes
Server Anatsa, from the Cyber Accord report "Fake Document Reader On Google Play With 10K Downloads Installing Anatsa Malware". See all IOC from that report at https://rosti.dev/reports/Sxa10U6K