ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain rr3ueff.pw.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1808725
IOC: rr3ueff.pw
IOC Type :domain
Threat Type :botnet_cc
Malware: Unknown malware
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
First seen:2026-05-08 10:31:16 UTC
Last seen:2026-05-09 17:42:37 UTC
UUID:c6dd770f-4ac8-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Tags:Hologram
Reference: https://www.netskope.com/jp/blog/openclaw-hologram-fake-installer-ships-rust-infostealer

Avatar
johannes
Pathfinder Candidate / dead-drop unconfirmed Static string in Pathfinder v3.7.16 dropper no URL path context not yet observed in traffic, from the Netskope report "OpenClaw's Hologram: Fake Installer Ships Rust Infostealer". See all IOC from that report at https://rosti.dev/reports/atHOuLc3