ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://trindastal.com/8250d149-9bf8-566d-9d7d-ea925eae0a4c/.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1803395
IOC: https://trindastal.com/8250d149-9bf8-566d-9d7d-ea925eae0a4c/
IOC Type :url
Threat Type :botnet_cc
Malware: CASTLELOADER
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS212238 CDNEXT
Country:- CZ
First seen:2026-05-01 07:14:55 UTC
Last seen:never
UUID:de4ba0fe-452c-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://www.huntress.com/blog/clickfix-castleloader-backgroundfix

Avatar
johannes
CastleLoader endpoint, from the Huntress report "ClickFix Removes Your Background but Leaves the Malware". See all IOC from that report at https://rosti.dev/reports/4RIxcKnD