ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://filev2.getsession.org/file/.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1811374
IOC: https://filev2.getsession.org/file/
IOC Type :url
Threat Type :botnet_cc
Malware: Shai-Hulud
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS24940 HETZNER-AS
Country:- DE
First seen:2026-05-12 14:49:38 UTC
Last seen:never
UUID:30f1f8c4-4de4-11f1-b930-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://www.endorlabs.com/learn/shai-hulud-compromises-the-tanstack-ecosystem-80-packages-compromised

Avatar
johannes
Outbound to Primary exfiltration over Session P2P, from the Endor Labs report "Shai-Hulud compromises the @tanstack ecosystem: 160+ packages compromised". See all IOC from that report at https://rosti.dev/reports/f8dKMGsG