ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://supertransfer.ch/.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1831716
IOC: https://supertransfer.ch/
IOC Type :url
Threat Type :payload_delivery
Malware: Unknown malware
Confidence Level : Confidence level is elevated (75%)
Is compromised? : True
ASN:AS29222 Infomaniak-AS
Country:- CH
First seen:2026-06-13 15:05:29 UTC
Last seen:never
UUID:80a4ec80-670b-11f1-9e0e-42010aa4000a
Reporter Anonymous
Reward 5 credits from ThreatFox
Tags:ClearFake

Avatar
Anonymous
Likely compromised WordPress site used as a ClearFake landing page. Joe Sandbox shows a fake verification / CAPTCHA page instructing the user to use keyboard shortcuts, leading to a clipboard PowerShell command. The execution chain reaches verification-js-cdn.boats and then downloads a second-stage ZIP from devltd.us.