ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://www.pyrotech.co.kr/common/include/tech/default.php.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1814517
IOC: https://www.pyrotech.co.kr/common/include/tech/default.php
IOC Type :url
Threat Type :botnet_cc
Malware: Unknown malware
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS38700 SMILESERV-AS-KR
Country:- KR
First seen:2026-05-15 13:46:29 UTC
Last seen:never
UUID:30f81c96-5042-11f1-b930-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://securelist.com/kimsuky-appleseed-pebbledash-campaigns/119785/

Avatar
johannes
of httpMalice, from the Securelist report "Kimsuky targets organizations with PebbleDash-based tools". See all IOC from that report at https://rosti.dev/reports/R79aFjwH