ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://www.neudirection.com/.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1825545
IOC: https://www.neudirection.com/
IOC Type :url
Threat Type :payload_delivery
Malware: Remus
Confidence Level : Confidence level is elevated (75%)
Is compromised? : True
ASN:AS45102 ALIBABA-CN-NET
Country:- CN
First seen:2026-06-09 16:39:49 UTC
Last seen:never
UUID:5c617928-641c-11f1-a345-42010aa4000a
Reporter Anonymous
Reward 5 credits from ThreatFox
Tags:ClearFake

Avatar
Anonymous
Likely compromised website used as ClearFake-style landing page. The page presents a fake verification/CAPTCHA flow and leads to clipboard/paste-and-run PowerShell execution. Joe Sandbox analysis of this URL resulted in REMUS Stealer detection.