ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 23.27.120.240:443.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1836706
IOC: 23.27.120.240:443
IOC Type :ip:port
Threat Type :botnet_cc
Malware: Unknown malware
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS149440 EVOXTSDNBHD-AS-AP
Country:- MY
First seen:2026-06-24 06:36:06 UTC
Last seen:never
UUID:0111c4b6-6f8b-11f1-97fa-42010aa4000a
Reporter Anonymous
Reward 5 credits from ThreatFox
Tags:G1017 JDY payload-host Platypus Termite VoltTyphoon
Reference: https://github.com/yankywilson/jdy-botnet-threat-analysis/tree/main

Avatar
Anonymous
JDY dispatch relay, part of the jdyfj cert cluster (serial 0xab8f51eb48f363f1, CN=jdyfj). Evoxt-hosted, nginx fronting a Tor-hidden Django dispatch backend serving /dispatch_service/v2/probe_task. Independently provisioned node; jdyfj cert is the durable anchor, IP is rotatable.