🚨 Critical Threats Require Immediate Attention
0 Known Exploited Vulnerabilities • 1 Critical CVEs • 0 Active C2 Servers • 0 High-Risk IPs
| Feed | Count |
|---|---|
| 🦠 Malware | 500 |
| 🎯 C2 Servers | 0 |
| 🔗 Mal URLs | 500 |
| 📦 Payloads | 500 |
| 🔓 CVEs | 100 |
| 🔐 SSL Certs | 500 |
| 🔑 JA3 | 97 |
| ☠️ ThreatFox | 500 |
| 🌐 IPs | 15 |
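📊 Data Coverage

| Metric | Value |
|---|---|
| Total Collected | 2713 |
| Total IOCs | 2597 |
| CVE References | 397 |
| Display Limit | 100/table |

| Feed | Shown / Total | Coverage |
|---|---|---|
| CVEs | 100 / 100 | 100% |
| URLs | 100 / 500 | 20% |
| Malware | 100 / 500 | 20% |
| IPs | 15 / 15 | 100% |
| Payloads | 100 / 500 | 20% |
| SSL Certs | 100 / 500 | 20% |
| JA3 | 97 / 97 | 100% |
| ThreatFox | 100 / 500 | 20% |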
🦠 Top Malware Families

| Family | Count |
|---|---|
| VShell | 244 |
| NetSupport | 159 |
| Mirai | 116 |
| ClearFake | 88 |
| AgentTesla | 56 |
| Mozi | 51 |
| Quasar RAT | 38 |
| Formbook | 32 |
☠️ ThreatFox IOC Types

| IOC Type | Count |
|---|---|
| ip:port | 268 |
| domain | 189 |
| url | 43 |
📁 File Types

| File Type | Count |
|---|---|
| unknown | 513 |
| dll | 149 |
| html | 135 |
| elf | 111 |
| exe | 22 |
| js | 15 |
🔐 SSL Blacklist Reasons

| Reason | Count |
|---|---|
| Vidar C&C | 122 |
| OffLoader C&C | 59 |
| ACRStealer C&C | 53 |
| QuasarRAT C&C | 47 |
| RatonRAT C&C | 30 |
| PureHVNC C&C | 30 |
🔑 JA3 Malware Types

| Malware Type | Count |
|---|---|
| Tofsee | 45 |
| Adware | 24 |
| TrickBot | 9 |
| Dridex | 4 |
| Quakbot | 2 |
| Gozi | 2 |
🔓 Vulnerability Intelligence
100 shown / 100 total

| CVE ID | Severity | CVSS | EPSS | Percentile | Priority |
|---|---|---|---|---|---|
| CVE-2019-25696 | HIGH | 8.8 | 0.03% | 9.8% | |
| CVE-2019-25694 | HIGH | 8.8 | 0.08% | 24.2% | |
| CVE-2019-25692 | HIGH | 8.8 | 0.03% | 9.3% | |
| CVE-2019-25690 | HIGH | 8.8 | 0.03% | 9.3% | |
| CVE-2019-25688 | HIGH | 8.8 | 0.08% | 24.2% | |
| CVE-2019-25687 | CRITICAL | 9.3 | 0.39% | 60.4% | |
| CVE-2019-25686 | HIGH | 8.7 | 0.16% | 37.0% | |
| CVE-2019-25685 | HIGH | 8.7 | 0.18% | 40.1% | |
| CVE-2019-25684 | HIGH | 8.8 | 0.08% | 23.7% | |
| CVE-2019-25683 | MEDIUM | 6.9 | 0.01% | 3.1% | |
| CVE-2019-25682 | MEDIUM | 5.3 | 0.01% | 2.3% | |
| CVE-2019-25681 | HIGH | 8.6 | 0.02% | 3.6% | |
| CVE-2019-25680 | HIGH | 8.8 | 0.09% | 24.8% | |
| CVE-2019-25679 | HIGH | 8.5 | 0.01% | 2.8% | |
| CVE-2019-25678 | HIGH | 8.8 | 0.06% | 18.4% | |
| CVE-2019-25677 | MEDIUM | 6.9 | 0.01% | 2.7% | |
| CVE-2019-25676 | HIGH | 8.8 | 0.13% | 32.4% | |
| CVE-2019-25675 | HIGH | 8.8 | 0.19% | 41.0% | |
| CVE-2019-25674 | HIGH | 8.8 | 0.24% | 47.8% | |
| CVE-2019-25673 | HIGH | 8.7 | 0.07% | 20.6% | |
| CVE-2019-25672 | HIGH | 8.8 | 0.08% | 23.7% | |
| CVE-2019-25671 | HIGH | 8.7 | 0.41% | 61.4% | |
| CVE-2019-25670 | HIGH | 8.6 | 0.02% | 4.2% | |
| CVE-2019-25669 | HIGH | 8.8 | 0.03% | 9.8% | |
| CVE-2019-25668 | HIGH | 8.8 | 0.09% | 25.9% | |
| CVE-2019-25667 | MEDIUM | 6.9 | 0.01% | 3.2% | |
| CVE-2019-25666 | MEDIUM | 6.9 | 0.01% | 3.2% | |
| CVE-2019-25665 | MEDIUM | 6.9 | 0.01% | 3.2% | |
| CVE-2019-25664 | HIGH | 7.1 | 0.03% | 8.0% | |
| CVE-2019-25663 | HIGH | 7.1 | 0.03% | 8.0% | |
| CVE-2019-25662 | HIGH | 8.8 | 0.09% | 24.9% | |
| CVE-2019-25661 | MEDIUM | 6.9 | 0.01% | 3.2% | |
| CVE-2019-25660 | MEDIUM | 6.9 | 0.01% | 3.2% | |
| CVE-2019-25659 | MEDIUM | 6.9 | 0.01% | 3.2% | |
| CVE-2019-25658 | MEDIUM | 6.8 | 0.02% | 4.0% | |
| CVE-2019-25657 | MEDIUM | 6.8 | 0.02% | 4.0% | |
| CVE-2019-25656 | HIGH | 8.6 | 0.02% | 4.3% | |
| CVE-2018-25256 | MEDIUM | 6.8 | 0.02% | 4.0% | |
| CVE-2026-5595 | MEDIUM | 5.3 | 0.07% | 21.0% | |
| CVE-2026-5594 | MEDIUM | 5.3 | 0.05% | 15.0% | |
| CVE-2026-5587 | MEDIUM | 5.3 | 0.03% | 8.3% | |
| CVE-2026-5586 | MEDIUM | 5.3 | 0.01% | 1.0% | |
| CVE-2026-5585 | MEDIUM | 5.5 | 0.04% | 11.6% | |
| CVE-2026-5584 | MEDIUM | 6.9 | 0.06% | 17.9% | |
| CVE-2026-5583 | MEDIUM | 5.3 | 0.01% | 1.2% | |
| CVE-2026-5580 | MEDIUM | 5.3 | 0.01% | 1.2% | |
| CVE-2026-5579 | MEDIUM | 5.3 | 0.01% | 1.2% | |
| CVE-2026-5578 | MEDIUM | 5.3 | 0.01% | 1.2% | |
| CVE-2026-5577 | MEDIUM | 6.9 | 0.04% | 10.9% | |
| CVE-2026-5576 | MEDIUM | 5.1 | 0.01% | 2.5% | |
🌐 Enriched IP Intelligence
15 shown / 15 total
🦠 Malware Samples
100 shown / 500 total
🎯 C2 Infrastructure
0 shown / 0 total

| IP | Port | Family | Status |
|---|---|---|---|
| No data | | | |
🔗 Malicious URLs
100 shown / 500 total
📦 URLhaus Payloads (with VirusTotal)
100 shown / 500 total
☠️ ThreatFox IOCs
100 shown / 500 total
🔐 SSL Blacklist
100 shown / 500 total
🔑 JA3 Fingerprints
97 shown / 97 total