ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://msiidentity.com/pw.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1808730
IOC: https://msiidentity.com/pw
IOC Type :url
Threat Type :botnet_cc
Malware: Unknown malware
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS41111 AS-GEOHOSTING
Country:- RO
First seen:2026-05-08 10:31:11 UTC
Last seen:2026-05-18 17:09:09 UTC
UUID:d0923b78-4ac8-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Tags:FringePorch NetDraft
Reference: https://www.cryptika.com/uat-8302-uses-custom-malware-and-open-source-tools-to-steal-data-from-government-agencies/

Avatar
johannes
From the Cryptika report "UAT-8302 Uses Custom Malware and Open-Source Tools to Steal Data From Government Agencies". See all IOC from that report at https://rosti.dev/reports/dgsjc5Ib