ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain cheeshomireciple.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1803396
IOC: cheeshomireciple.com
IOC Type :domain
Threat Type :botnet_cc
Malware: CASTLELOADER
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS398256 AS-ULTAHOST
Country:- US
First seen:2026-05-01 07:14:55 UTC
Last seen:never
UUID:de685dca-452c-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://www.huntress.com/blog/clickfix-castleloader-backgroundfix

Avatar
johannes
From the Huntress report "ClickFix Removes Your Background but Leaves the Malware". See all IOC from that report at https://rosti.dev/reports/4RIxcKnD