🚨 Critical Threats Require Immediate Attention
0 Known Exploited Vulnerabilities • 24 Critical CVEs • 0 Active C2 Servers • 0 High-Risk IPs
| Category | Count |
|---|---|
| Malware | 414 |
| C2 Servers | 0 |
| Mal URLs | 500 |
| Payloads | 500 |
| CVEs | 100 |
| SSL Certs | 500 |
| JA3 | 97 |
| ThreatFox | 500 |
| IPs | 15 |
📊 Data Coverage
Total Collected: 2627
Total IOCs: 2511
CVE References: 314
Display Limit: 100/table

| Table | Shown / Total | Coverage |
|---|---|---|
| CVEs | 100 / 100 | 100% |
| URLs | 100 / 500 | 20% |
| Malware | 100 / 414 | 24% |
| IPs | 15 / 15 | 100% |
| Payloads | 100 / 500 | 20% |
| SSL Certs | 100 / 500 | 20% |
| JA3 | 97 / 97 | 100% |
| ThreatFox | 100 / 500 | 20% |
🦠 Top Malware Families
| Family | Count |
|---|---|
| ClearFake | 210 |
| Mirai | 179 |
| ACRStealer | 90 |
| Mozi | 80 |
| Vidar | 62 |
| Quasar RAT | 57 |
| StrelaSteale... | 48 |
| AgentTesla | 27 |
☠️ ThreatFox IOC Types
| IOC Type | Count |
|---|---|
| domain | 361 |
| ip:port | 104 |
| url | 35 |
📁 File Types
| File Type | Count |
|---|---|
| unknown | 418 |
| html | 164 |
| elf | 158 |
| dll | 82 |
| exe | 26 |
| js | 25 |
🔐 SSL Blacklist Reasons
| Reason | Count |
|---|---|
| Vidar C&C | 126 |
| OffLoader C&C | 82 |
| ConnectWise C&C | 63 |
| QuasarRAT C&C | 37 |
| AsyncRAT C&C | 25 |
| PureLogsStealer C&C | 23 |
🔑 JA3 Malware Types
| Malware Type | Count |
|---|---|
| Tofsee | 45 |
| Adware | 24 |
| TrickBot | 9 |
| Dridex | 4 |
| Quakbot | 2 |
| Gozi | 2 |
🔓 Vulnerability Intelligence
100 shown / 100 total

| CVE ID | Severity | CVSS | EPSS | Percentile | Priority |
|---|---|---|---|---|---|
| CVE-2026-26702 | CRITICAL | 9.8 | 0.04% | 11.1% | |
| CVE-2026-26696 | CRITICAL | 9.8 | 0.04% | 11.1% | |
| CVE-2026-26695 | CRITICAL | 9.8 | 0.04% | 11.1% | |
| CVE-2026-26694 | CRITICAL | 9.8 | 0.04% | 11.1% | |
| CVE-2026-24115 | CRITICAL | 9.8 | 0.05% | 16.3% | |
| CVE-2026-24114 | CRITICAL | 9.8 | 0.05% | 16.3% | |
| CVE-2026-24113 | CRITICAL | 9.8 | 0.05% | 16.3% | |
| CVE-2026-24111 | CRITICAL | 9.8 | 0.05% | 16.3% | |
| CVE-2026-24109 | CRITICAL | 9.8 | 0.05% | 16.3% | |
| CVE-2026-24108 | CRITICAL | 9.8 | 0.05% | 16.3% | |
| CVE-2026-24107 | CRITICAL | 9.8 | 1.13% | 78.0% | |
| CVE-2026-23600 | CRITICAL | 10 | 0.24% | 46.4% | |
| CVE-2026-0995 | LOW | 3.6 | 0.01% | 2.1% | |
| CVE-2025-65465 | MEDIUM | 6.1 | 0.02% | 4.7% | |
| CVE-2025-58107 | HIGH | 7.5 | 0.02% | 3.9% | |
| CVE-2025-52482 | HIGH | 8.3 | 0.05% | 16.1% | |
| CVE-2025-50192 | HIGH | 8.8 | 0.04% | 10.2% | |
| CVE-2025-50191 | HIGH | 7 | 0.04% | 12.0% | |
| CVE-2025-50190 | HIGH | 8.8 | 0.04% | 10.2% | |
| CVE-2025-50189 | HIGH | 7.2 | 0.06% | 19.2% | |
| CVE-2025-50188 | HIGH | 7 | 0.07% | 20.9% | |
| CVE-2025-50187 | CRITICAL | 9.8 | 0.41% | 60.6% | |
| CVE-2025-50186 | MEDIUM | 4.8 | 0.04% | 11.5% | |
| CVE-2024-50337 | MEDIUM | 5.3 | 0.04% | 10.6% | |
| CVE-2024-47886 | HIGH | 8.7 | 0.89% | 75.2% | |
| CVE-2026-26698 | MEDIUM | 4.9 | 0.03% | 8.1% | |
| CVE-2026-26697 | MEDIUM | 4.9 | 0.03% | 8.1% | |
| CVE-2026-1628 | MEDIUM | 4.6 | 0.03% | 8.0% | |
| CVE-2026-3432 | CRITICAL | 9.3 | 0.09% | 25.9% | |
| CVE-2026-3431 | CRITICAL | 9.8 | 0.08% | 24.4% | |
| CVE-2025-14532 | CRITICAL | 9.3 | 0.23% | 45.8% | |
| CVE-2025-12462 | CRITICAL | 9.3 | 0.16% | 37.0% | |
| CVE-2025-58406 | MEDIUM | 5.3 | 0.04% | 12.0% | |
| CVE-2025-58405 | MEDIUM | 5.3 | 0.03% | 7.9% | |
| CVE-2025-58402 | HIGH | 7.1 | 0.03% | 10.0% | |
| CVE-2025-30062 | MEDIUM | 6.9 | 0.04% | 11.9% | |
| CVE-2025-30044 | CRITICAL | 9.4 | 0.03% | 9.0% | |
| CVE-2025-30042 | CRITICAL | 9 | 0.02% | 3.5% | |
| CVE-2025-30035 | CRITICAL | 9 | 0.04% | 12.4% | |
| CVE-2025-10350 | HIGH | 8.8 | 0.04% | 11.9% | |
| CVE-2026-2584 | CRITICAL | 9.3 | 0.36% | 57.7% | |
| CVE-2026-20445 | MEDIUM | 4.4 | 0.02% | 4.2% | |
| CVE-2026-20444 | MEDIUM | 6.7 | 0.01% | 0.3% | |
| CVE-2026-20443 | MEDIUM | 6.7 | 0.01% | 0.3% | |
| CVE-2026-20442 | MEDIUM | 4.4 | 0.01% | 0.3% | |
| CVE-2026-20441 | MEDIUM | 6.7 | 0.01% | 0.3% | |
| CVE-2026-20440 | MEDIUM | 6.7 | 0.01% | 0.6% | |
| CVE-2026-20439 | MEDIUM | 4.4 | 0.01% | 0.3% | |
| CVE-2026-20438 | MEDIUM | 6.4 | 0.01% | 0.2% | |
| CVE-2026-20437 | MEDIUM | 4.4 | 0.01% | 0.3% | |
🌐 Enriched IP Intelligence
15 shown / 15 total
🦠 Malware Samples
100 shown / 414 total
🎯 C2 Infrastructure
0 shown / 0 total

| IP | Port | Family | Status |
|---|---|---|---|
| No data | | | |
🔗 Malicious URLs
100 shown / 500 total
📦 URLhaus Payloads (with VirusTotal)
100 shown / 500 total
☠️ ThreatFox IOCs
100 shown / 500 total
🔐 SSL Blacklist
100 shown / 500 total
🔑 JA3 Fingerprints
97 shown / 97 total