ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://edr-security-bucket1.cc/.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1811923
IOC: https://edr-security-bucket1.cc/
IOC Type :url
Threat Type :botnet_cc
Malware: CountLoader
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS13335 CLOUDFLARENET
Country:- US
First seen:2026-05-14 12:36:01 UTC
Last seen:never
UUID:69913a4b-4efa-11f1-b930-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/sinkholing-countloader-insights-into-its-recent-campaign/

Avatar
johannes
payload, from the McAfee Labs report "Sinkholing CountLoader: Insights into Its Recent Campaign". See all IOC from that report at https://rosti.dev/reports/3Ka2nu5U