ThreatFox IOC Database
You are viewing the ThreatFox database entry for ip:port 196.196.210.3:62520.
Database Entry
| IOC ID: | 841531 |
|---|---|
| IOC: | 196.196.210.3:62520 |
| IOC Type : | ip:port |
| Threat Type : | botnet_cc |
| Malware: | Ave Maria |
| Malware alias: | AVE_MARIA, AveMariaRAT, Warzone RAT, WarzoneRAT, avemaria |
| Confidence Level : | Confidence level is high (100%) |
| First seen: | 2022-08-05 16:41:56 UTC |
| Last seen: | never |
| UUID: | 84f3c6a7-14dd-11ed-97e4-42010aa4000a |
| Reporter | @AndreGironda |
| Reward | 5 credits from ThreatFox |
| Tags: | ave maria AveMaria AveMariaRAT warzonerat |
| Reference: | https://tria.ge/220804-1bdxzacbgl |
@AndreGironda
MITRE T1566.001Date: 04 Aug 2022 08:00-08:30 +0200
From: "Apoderado General" <93473a@405dd07de335e8288f8.com>
Subject: RE: RFQ#270722
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_0012_27936984.FDC2B084"
Attachment Name: RFQ#0482022.rar
Rarfile SHA256: 0a700f24e41d99c8329a3853decfa6946ffc182627a6437cd24ba382bceb2d39
Uncompressed Executable Name: RFQ#0472022.exe
Executable SHA256: cc9dd64a01b43b62102c0e1b82a0614c33e1dd375463c721f304945cdfb76f21