ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain 22wsnikmydlkyx4cwmiykxis7kjy4ugmlz453amazqhflwo3wjsz5tad.onion.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1825109
IOC: 22wsnikmydlkyx4cwmiykxis7kjy4ugmlz453amazqhflwo3wjsz5tad.onion
IOC Type :domain
Threat Type :botnet_cc
Malware: Cobalt Strike
Malware alias:Agentemis, BEACON, CobaltStrike, cobeacon
Confidence Level : Confidence level is high (90%)
Is compromised? : True
First seen:2026-06-08 17:18:34 UTC
Last seen:never
UUID:b2185ab6-634c-11f1-a345-42010aa4000a
Reporter denkaj
Reward 5 credits from ThreatFox
Tags:CobaltStrike OutPack RAT TOR
Reference: https://www.virustotal.com/gui/file/e3300ce9dce0d41690e711b8ee3bb5498ccf25c68d4bafe35416a77a2d88cbd2

Avatar
denkaj
Tor v3 fallback C2. Malware reaches it over local SOCKS:1080. Server X25519 pubkey 2d00684564aad2c83613d6294cad2c69174e26605aac3729759b9a175d701a63