ThreatFox IOC Database

You are viewing the ThreatFox database entry for url wss://sad4w7h913-b4a57f9c36eb.herokuapp.com:443/ws.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1801958
IOC: wss://sad4w7h913-b4a57f9c36eb.herokuapp.com:443/ws
IOC Type :url
Threat Type :botnet_cc
Malware: Unknown malware
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS14618 AMAZON-AES
Country:- US
First seen:2026-04-29 07:49:07 UTC
Last seen:never
UUID:0aaa6e96-439c-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Tags:SNOWBASIN SNOWBELT SNOWGLAZE
Reference: https://cybersecsentinel.com/snow-malware-suite-turns-microsoft-teams-into-a-help-desk-trap/

Avatar
johannes
WebSocket Secure endpoint SNOWGLAZE, from the Cybersec Sentinel report "Snow Malware Suite Turns Microsoft Teams Into a Help Desk Trap". See all IOC from that report at https://rosti.dev/reports/19PQCfht