ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain jilibdt.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1816892
IOC: jilibdt.com
IOC Type :domain
Threat Type :botnet_cc
Malware: AsyncRAT
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS13335 CLOUDFLARENET
Country:- US
First seen:2026-05-21 11:55:29 UTC
Last seen:never
UUID:2d6ca2ab-54eb-11f1-b930-42010aa4000a
Reporter Anonymous
Reward 10 credits from Anonymousss
Tags:asyncrat c2 ovHelov1l1yM WinRAR
Reference: https://otx.alienvault.com/pulse/6a0eab35d005adfa12931500

Avatar
Anonymous
Active AsyncRAT (v0.5.8) C2 infrastructure targeting users via a spoofed WinRAR installer (winrar-x64.exe). Extracted malware configuration confirms the botnet ID "win.rar GmbH" and unique mutex "ovHelov1l1yM". Payload SHA256: 7929e545a3671744bebc7b7e118f99e1bc800c58450e99555c1db1de02adfb6a.