🚨 Critical Threats Require Immediate Attention
0 Known Exploited Vulnerabilities • 1 Critical CVEs • 0 Active C2 Servers • 0 High-Risk IPs

| Category | Count |
|---|---|
| 🦠 Malware | 500 |
| 🎯 C2 Servers | 0 |
| 🔗 Mal URLs | 500 |
| 📦 Payloads | 500 |
| 🔓 CVEs | 100 |
| 🔐 SSL Certs | 500 |
| 🔑 JA3 | 97 |
| ☠️ ThreatFox | 500 |
| 🌐 IPs | 15 |

📊 Data Coverage
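
| Metric | Value |
|---|---|
| Total Collected | 2713 |
| Total IOCs | 2597 |
| CVE References | 495 |
| Display Limit | 100/table |

| Feed | Shown / Total | Coverage |
|---|---|---|
| CVEs | 100 / 100 | 100% |
| URLs | 100 / 500 | 20% |
| Malware | 100 / 500 | 20% |
| IPs | 15 / 15 | 100% |
| Payloads | 100 / 500 | 20% |
| SSL Certs | 100 / 500 | 20% |
| JA3 | 97 / 97 | 100% |
| ThreatFox | 100 / 500 | 20% |
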
🦠 Top Malware Families

| Family | Count |
|---|---|
| Mirai | 244 |
| ClearFake | 121 |
| Unknown malw... | 88 |
| Remus | 69 |
| Cobalt Strik... | 55 |
| Mozi | 54 |
| Gafgyt | 45 |
| ConnectWise | 33 |

☠️ ThreatFox IOC Types

| IOC Type | Count |
|---|---|
| domain | 200 |
| ip:port | 186 |
| url | 81 |
| sha256_hash | 33 |

📁 File Types

| File Type | Count |
|---|---|
| unknown | 543 |
| elf | 170 |
| html | 159 |
| exe | 55 |
| zip | 25 |
| txt | 16 |

🔐 SSL Blacklist Reasons

| Reason | Count |
|---|---|
| Vidar C&C | 128 |
| OffLoader C&C | 54 |
| PureHVNC C&C | 50 |
| ACRStealer C&C | 33 |
| QuasarRAT C&C | 31 |
| ConnectWise C&C | 29 |

🔑 JA3 Malware Types

| Malware Type | Count |
|---|---|
| Tofsee | 45 |
| Adware | 24 |
| TrickBot | 9 |
| Dridex | 4 |
| Quakbot | 2 |
| Gozi | 2 |

🔓 Vulnerability Intelligence
100 shown / 100 total

| CVE ID | Severity | CVSS | EPSS | Percentile | Priority |
|---|---|---|---|---|---|
| CVE-2026-10237 | LOW | 2 | 0.04% | 13.3% | |
| CVE-2026-10236 | MEDIUM | 5.5 | 0.06% | 18.8% | |
| CVE-2026-45192 | MEDIUM | 6.5 | 0.04% | 12.0% | |
| CVE-2026-35563 | HIGH | 8.8 | 0.04% | 11.0% | |
| CVE-2026-10235 | LOW | 2.1 | 0.04% | 11.4% | |
| CVE-2026-10234 | LOW | 2 | 0.03% | 10.6% | |
| CVE-2026-10233 | LOW | 1.9 | 0.01% | 2.4% | |
| CVE-2026-10232 | LOW | 1.9 | 0.01% | 2.8% | |
| CVE-2026-10231 | LOW | 1.9 | 0.01% | 2.8% | |
| CVE-2026-10230 | LOW | 1.9 | 0.01% | 2.8% | |
| CVE-2026-10229 | LOW | 1.9 | 0.01% | 3.0% | |
| CVE-2026-10228 | LOW | 2 | 0.03% | 10.6% | |
| CVE-2026-10227 | MEDIUM | 5.5 | 0.04% | 13.8% | |
| CVE-2026-10226 | MEDIUM | 5.5 | 0.04% | 13.8% | |
| CVE-2026-10225 | MEDIUM | 5.5 | 0.04% | 13.8% | |
| CVE-2026-10224 | MEDIUM | 5.5 | 0.06% | 17.4% | |
| CVE-2026-10223 | LOW | 2.1 | 0.05% | 15.5% | |
| CVE-2026-10222 | LOW | 2.9 | 0.06% | 19.3% | |
| CVE-2026-48209 | HIGH | 7.1 | 0.04% | 12.5% | |
| CVE-2026-48208 | MEDIUM | 6.5 | 0.06% | 19.4% | |
| CVE-2026-48191 | LOW | 3.5 | 0.02% | 6.0% | |
| CVE-2026-48190 | LOW | 3.5 | 0.02% | 6.0% | |
| CVE-2026-48189 | MEDIUM | 5.7 | 0.03% | 9.4% | |
| CVE-2026-48188 | CRITICAL | 9.1 | 0.08% | 23.4% | |
| CVE-2026-48187 | MEDIUM | 5.7 | 0.03% | 10.5% | |
| CVE-2026-20456 | MEDIUM | 5.5 | 0.01% | 3.3% | |
| CVE-2026-20455 | HIGH | 7.8 | 0.01% | 1.5% | |
| CVE-2026-20454 | MEDIUM | 6.4 | 0.01% | 3.1% | |
| CVE-2026-20453 | MEDIUM | 6.7 | 0.02% | 4.1% | |
| CVE-2026-20452 | HIGH | 8 | 0.03% | 7.4% | |
| CVE-2026-10221 | MEDIUM | 5.5 | 0.06% | 19.3% | |
| CVE-2026-10220 | MEDIUM | 5.5 | 0.06% | 19.3% | |
| CVE-2026-10219 | MEDIUM | 5.5 | 1.76% | 83.0% | |
| CVE-2026-10218 | LOW | 2.1 | 0.05% | 15.2% | |
| CVE-2026-10217 | LOW | 2.1 | 0.05% | 15.2% | |
| CVE-2026-10216 | LOW | 2.9 | 0.07% | 20.9% | |
| CVE-2026-10215 | LOW | 2.1 | 0.04% | 13.2% | |
| CVE-2026-10214 | MEDIUM | 5.5 | 1.76% | 83.0% | |
| CVE-2026-10213 | LOW | 2.1 | 0.05% | 17.2% | |
| CVE-2026-10212 | LOW | 2.1 | 0.04% | 12.5% | |
| CVE-2026-10211 | LOW | 2.1 | 0.04% | 12.5% | |
| CVE-2026-10210 | LOW | 2.1 | 0.05% | 15.5% | |
| CVE-2026-10209 | LOW | 2.1 | 0.04% | 11.4% | |
| CVE-2026-10208 | MEDIUM | 5.5 | 0.04% | 13.8% | |
| CVE-2026-10206 | HIGH | 7.4 | 0.09% | 26.2% | |
| CVE-2026-10205 | LOW | 2.1 | 0.04% | 12.5% | |
| CVE-2026-10204 | LOW | 2.1 | 0.03% | 9.5% | |
| CVE-2026-10203 | LOW | 2.1 | 0.03% | 9.5% | |
| CVE-2026-10202 | LOW | 2.1 | 0.03% | 9.5% | |
| CVE-2026-10201 | LOW | 1.9 | 0.01% | 2.9% | |

🌐 Enriched IP Intelligence
15 shown / 15 total
🦠 Malware Samples
100 shown / 500 total
🎯 C2 Infrastructure
0 shown / 0 total

| IP | Port | Family | Status |
|---|---|---|---|
| No data | | | |

🔗 Malicious URLs
100 shown / 500 total
📦 URLhaus Payloads (with VirusTotal)
100 shown / 500 total
☠️ ThreatFox IOCs
100 shown / 500 total
🔐 SSL Blacklist
100 shown / 500 total
🔑 JA3 Fingerprints
97 shown / 97 total