🚨 Critical Threats Require Immediate Attention
0 Known Exploited Vulnerabilities • 12 Critical CVEs • 0 Active C2 Servers • 0 High-Risk IPs

| Category | Count |
|---|---|
| 🦠 Malware | 389 |
| 🎯 C2 Servers | 0 |
| 🔗 Mal URLs | 500 |
| 📦 Payloads | 500 |
| 🔓 CVEs | 100 |
| 🔐 SSL Certs | 500 |
| 🔑 JA3 | 97 |
| ☠️ ThreatFox | 500 |
| 🌐 IPs | 15 |

📊 Data Coverage

Total Collected: 2602
Total IOCs: 2486
CVE References: 270
Display Limit: 100/table

| Feed | Shown / Total | Coverage |
|---|---|---|
| CVEs | 100 / 100 | 100% |
| URLs | 100 / 500 | 20% |
| Malware | 100 / 389 | 26% |
| IPs | 15 / 15 | 100% |
| Payloads | 100 / 500 | 20% |
| SSL Certs | 100 / 500 | 20% |
| JA3 | 97 / 97 | 100% |
| ThreatFox | 100 / 500 | 20% |

🦠 Top Malware Families

| Family | Count |
|---|---|
| Mirai | 340 |
| VShell | 167 |
| Cobalt Strik... | 98 |
| ClearFake | 86 |
| Mozi | 64 |
| Unknown malw... | 40 |
| CoinMiner | 29 |
| Gafgyt | 22 |

☠️ ThreatFox IOC Types

| IOC Type | Count |
|---|---|
| ip:port | 320 |
| domain | 154 |
| url | 26 |

📁 File Types

| File Type | Count |
|---|---|
| unknown | 392 |
| elf | 244 |
| html | 160 |
| exe | 30 |
| dll | 23 |
| js | 19 |

🔐 SSL Blacklist Reasons

| Reason | Count |
|---|---|
| Vidar C&C | 142 |
| ACRStealer C&C | 55 |
| OffLoader C&C | 53 |
| QuasarRAT C&C | 46 |
| PureHVNC C&C | 43 |
| RatonRAT C&C | 29 |

🔑 JA3 Malware Types

| Malware Type | Count |
|---|---|
| Tofsee | 45 |
| Adware | 24 |
| TrickBot | 9 |
| Dridex | 4 |
| Quakbot | 2 |
| Gozi | 2 |

🔓 Vulnerability Intelligence
100 shown / 100 total

| CVE ID | Severity | CVSS | EPSS | Percentile | Priority |
|---|---|---|---|---|---|
| CVE-2026-6795 | CRITICAL | 9.6 | 0.04% | 12.6% | |
| CVE-2026-41685 | MEDIUM | 4.3 | 0.05% | 14.1% | |
| CVE-2026-41684 | MEDIUM | 6.5 | 0.07% | 21.4% | |
| CVE-2026-41648 | MEDIUM | 5.3 | 0.05% | 15.0% | |
| CVE-2026-41647 | MEDIUM | 6.5 | 0.05% | 17.1% | |
| CVE-2026-41589 | CRITICAL | 9.6 | 0.04% | 13.6% | |
| CVE-2026-41554 | HIGH | 7.1 | 0.04% | 10.9% | |
| CVE-2026-41490 | HIGH | 8.3 | 0.05% | 16.2% | |
| CVE-2026-30496 | CRITICAL | 9.8 | 0.06% | 18.7% | |
| CVE-2026-30495 | HIGH | 8.8 | 0.02% | 6.7% | |
| CVE-2025-14341 | HIGH | 8.3 | 0.04% | 11.4% | |
| CVE-2026-8094 | CRITICAL | 9.8 | 0.02% | 5.7% | |
| CVE-2026-8093 | HIGH | 8.1 | 0.02% | 5.3% | |
| CVE-2026-8092 | HIGH | 8.1 | 0.02% | 6.4% | |
| CVE-2026-8091 | CRITICAL | 9.8 | 0.02% | 6.7% | |
| CVE-2026-8090 | HIGH | 7.3 | 0.02% | 6.0% | |
| CVE-2026-6002 | HIGH | 8.8 | 0.01% | 3.1% | |
| CVE-2026-5791 | MEDIUM | 6.5 | 0.01% | 0.3% | |
| CVE-2026-5784 | HIGH | 8.8 | 0.01% | 3.1% | |
| CVE-2026-8080 | MEDIUM | 6.8 | 0.03% | 8.5% | |
| CVE-2026-6508 | CRITICAL | 9.8 | 0.03% | 7.5% | |
| CVE-2026-42285 | HIGH | 7.5 | 0.18% | 38.8% | |
| CVE-2026-42010 | HIGH | 7.1 | 0.15% | 35.9% | |
| CVE-2026-41644 | HIGH | 8.3 | 0.04% | 13.4% | |
| CVE-2026-41643 | HIGH | 7.5 | 0.15% | 35.4% | |
| CVE-2026-41642 | HIGH | 7.5 | 0.18% | 38.8% | |
| CVE-2026-3953 | HIGH | 8.8 | 0.01% | 3.1% | |
| CVE-2026-33589 | HIGH | 8.2 | 0.06% | 18.2% | |
| CVE-2026-33588 | HIGH | 7 | 0.07% | 21.3% | |
| CVE-2026-33587 | CRITICAL | 9.2 | 0.10% | 27.5% | |
| CVE-2026-28201 | HIGH | 8.7 | 0.06% | 17.5% | |
| CVE-2026-27415 | MEDIUM | 4.3 | 0.02% | 3.6% | |
| CVE-2026-6805 | MEDIUM | 6.9 | 0.04% | 12.7% | |
| CVE-2026-44407 | MEDIUM | 4.7 | 0.10% | 26.5% | |
| CVE-2026-27421 | MEDIUM | 6.5 | 0.03% | 10.0% | |
| CVE-2026-27416 | MEDIUM | 5.3 | 0.04% | 11.1% | |
| CVE-2026-27329 | MEDIUM | 5.3 | 0.04% | 11.1% | |
| CVE-2026-25468 | MEDIUM | 5.3 | 0.04% | 10.9% | |
| CVE-2026-25436 | MEDIUM | 5.3 | 0.04% | 11.1% | |
| CVE-2025-68604 | MEDIUM | 5.4 | 0.02% | 3.9% | |
| CVE-2025-68060 | HIGH | 7.6 | 0.04% | 10.8% | |
| CVE-2025-66105 | MEDIUM | 5.3 | 0.04% | 11.1% | |
| CVE-2025-62127 | MEDIUM | 5.9 | 0.03% | 9.8% | |
| CVE-2025-2514 | MEDIUM | 5.3 | 0.04% | 13.0% | |
| CVE-2025-1978 | HIGH | 8.3 | 0.32% | 54.9% | |
| CVE-2024-43384 | HIGH | 8 | 0.03% | 8.7% | |
| CVE-2026-4430 | MEDIUM | 5.4 | 0.02% | 4.0% | |
| CVE-2026-44406 | MEDIUM | 5.7 | 0.01% | 0.3% | |
| CVE-2025-9661 | HIGH | 8.1 | 0.05% | 14.7% | |
| CVE-2026-8063 | HIGH | 7.1 | 0.04% | 12.6% | |

🌐 Enriched IP Intelligence
15 shown / 15 total

| IP Address | Risk Score | GreyNoise | Abuse % | Ports | ISP | TOR |
|---|---|---|---|---|---|---|
🦠 Malware Samples
100 shown / 389 total

| SHA256 | Family | Name |
|---|---|---|
🎯 C2 Infrastructure
0 shown / 0 total

| IP | Port | Family | Status |
|---|---|---|---|
| No data | | | |

🔗 Malicious URLs
100 shown / 500 total

| URL | Threat | Status | SURBL | Spamhaus | Tags |
|---|---|---|---|---|---|
📦 URLhaus Payloads (with VirusTotal)
100 shown / 500 total

| SHA256 | Family | Type |
|---|---|---|
☠️ ThreatFox IOCs
100 shown / 500 total

| IOC | Type | Malware | Confidence | Threat |
|---|---|---|---|---|
🔐 SSL Blacklist
100 shown / 500 total

| SHA1 Fingerprint | Reason | Listed |
|---|---|---|
🔑 JA3 Fingerprints
97 shown / 97 total

| JA3 Hash | Reason | First Seen |
|---|---|---|