ThreatFox IOCs for 2025-02-16

Medium
Published: Sun Feb 16 2025 (02/16/2025, 00:00:00 UTC)
Source: ThreatFox
Vendor/Project: type
Product: osint

Description

ThreatFox IOCs for 2025-02-16

AI-Powered Analysis

Last updated: 06/18/2025, 08:20:27 UTC

Technical Analysis

The provided threat information pertains to a malware-related intelligence report titled "ThreatFox IOCs for 2025-02-16," sourced from ThreatFox, a platform known for sharing Indicators of Compromise (IOCs) and threat intelligence data. The threat is categorized under OSINT (Open Source Intelligence), network activity, and payload delivery, indicating that it involves the distribution or delivery of malicious payloads potentially detected or analyzed through open-source intelligence methods. However, the details are limited, with no specific affected software versions, no known exploits in the wild, and no patches available, suggesting this is either a newly identified threat or a collection of IOCs without an associated active exploit campaign at the time of publication. The threat level is rated as medium, with a threatLevel metric of 2 and distribution metric of 3, implying moderate dissemination or detection frequency. The absence of CWEs (Common Weakness Enumerations) and technical specifics limits the ability to pinpoint exact attack vectors or vulnerabilities exploited. The lack of indicators in the report further constrains detailed technical analysis. Given the nature of OSINT and network activity tags, this threat likely involves reconnaissance or initial stages of malware delivery, possibly through network-based vectors or social engineering, but no direct evidence supports exploitation or compromise. The payload delivery tag suggests that the threat involves mechanisms to deliver malicious code, which could be used in subsequent stages of an attack chain. Overall, this threat appears to be an intelligence artifact highlighting potential or emerging malware activity rather than a fully developed or actively exploited malware campaign at the time of reporting.

Potential Impact

For European organizations, the impact of this threat is currently assessed as moderate due to the medium severity rating and lack of confirmed active exploitation. The threat’s association with OSINT and network activity suggests potential risks related to reconnaissance and initial compromise attempts, which could lead to unauthorized access, data exfiltration, or disruption if payload delivery succeeds. However, without specific affected products or vulnerabilities, the direct impact remains uncertain. European entities with extensive network exposure or those involved in critical infrastructure, finance, or government sectors should remain vigilant, as these sectors are often targeted for reconnaissance and initial payload delivery in broader attack campaigns. The absence of known exploits and patches indicates that organizations may not yet face immediate exploitation risks but should consider this threat as an early warning. If the threat evolves or is combined with other vulnerabilities, it could escalate to more severe impacts affecting confidentiality, integrity, and availability of systems and data.

Mitigation Recommendations

Given the limited technical details and absence of patches, European organizations should focus on proactive detection and prevention strategies tailored to OSINT-related and network-based threats. Specific recommendations include:

1) Enhancing network monitoring to detect unusual or suspicious network activity indicative of reconnaissance or payload delivery attempts, using advanced intrusion detection/prevention systems (IDS/IPS) with updated threat intelligence feeds.
2) Implementing strict email and web filtering policies to block potential payload delivery vectors, including sandboxing attachments and URLs.
3) Conducting regular threat hunting exercises leveraging OSINT sources to identify emerging IOCs and adapting defenses accordingly.
4) Ensuring robust endpoint protection with behavioral analysis capabilities to detect and quarantine unknown or suspicious payloads.
5) Training staff on recognizing social engineering tactics that may facilitate payload delivery.
6) Maintaining up-to-date asset inventories and network segmentation to limit lateral movement if initial compromise occurs.
7) Collaborating with national and European cybersecurity centers to share intelligence and receive timely alerts about evolving threats.

These measures go beyond generic advice by emphasizing OSINT integration, proactive threat hunting, and network-level defenses specific to the threat’s characteristics.

Technical Details

Threat Level: 2
Analysis: 1
Distribution: 3
UUID: faf54813-a791-4ff9-b3ea-edad47872f09
Original Timestamp: 1739750586

Indicators of Compromise

File

NjRAT botnet C2 server (confidence level: 100%)

Hash

hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash7707
AsyncRAT botnet C2 server (confidence level: 100%)
hash7707
AsyncRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash6606
AsyncRAT botnet C2 server (confidence level: 100%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash5000
Quasar RAT botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash4449
Venom RAT botnet C2 server (confidence level: 100%)
hash443
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash19999
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash5984
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash54284
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash443
PoshC2 botnet C2 server (confidence level: 100%)
hash80
ERMAC botnet C2 server (confidence level: 100%)
hash10000
NjRAT botnet C2 server (confidence level: 100%)
hash55443
Cobalt Strike botnet C2 server (confidence level: 50%)
hash1863
DarkComet botnet C2 server (confidence level: 100%)
hash46167
Remcos botnet C2 server (confidence level: 100%)
hash3191
Remcos botnet C2 server (confidence level: 100%)
hash8443
Sliver botnet C2 server (confidence level: 100%)
hash443
Sliver botnet C2 server (confidence level: 100%)
hash2004
AsyncRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash10081
Kaiji botnet C2 server (confidence level: 100%)
hash8080
Bashlite botnet C2 server (confidence level: 100%)
hash30534
BianLian botnet C2 server (confidence level: 100%)
hash5060
BianLian botnet C2 server (confidence level: 100%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash80
Hook botnet C2 server (confidence level: 100%)
hash50000
Hook botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash60000
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash80
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash82
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash2807
Unknown malware botnet C2 server (confidence level: 100%)
hash8082
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 50%)
hash3333
Unknown malware botnet C2 server (confidence level: 50%)
hash31337
Sliver botnet C2 server (confidence level: 50%)
hash31337
Sliver botnet C2 server (confidence level: 50%)
hash31337
Sliver botnet C2 server (confidence level: 50%)
hash44158
NetSupportManager RAT botnet C2 server (confidence level: 50%)
hash443
Havoc botnet C2 server (confidence level: 50%)
hash63018
XWorm botnet C2 server (confidence level: 50%)
hash4567
NjRAT botnet C2 server (confidence level: 100%)
hash80
MooBot botnet C2 server (confidence level: 100%)
hash8443
Sliver botnet C2 server (confidence level: 75%)
hash9201
NetSupportManager RAT botnet C2 server (confidence level: 75%)
hash8888
Sliver botnet C2 server (confidence level: 75%)
hash8888
Sliver botnet C2 server (confidence level: 75%)
hash40056
Havoc botnet C2 server (confidence level: 75%)
hash10000
DeimosC2 botnet C2 server (confidence level: 75%)
hash10260
DeimosC2 botnet C2 server (confidence level: 75%)
hash10314
DeimosC2 botnet C2 server (confidence level: 75%)
hash10480
DeimosC2 botnet C2 server (confidence level: 75%)
hash11103
DeimosC2 botnet C2 server (confidence level: 75%)
hash11128
DeimosC2 botnet C2 server (confidence level: 75%)
hash13072
DeimosC2 botnet C2 server (confidence level: 75%)
hash14470
DeimosC2 botnet C2 server (confidence level: 75%)
hash14974
DeimosC2 botnet C2 server (confidence level: 75%)
hash15302
DeimosC2 botnet C2 server (confidence level: 75%)
hash15443
DeimosC2 botnet C2 server (confidence level: 75%)
hash16192
DeimosC2 botnet C2 server (confidence level: 75%)
hash16991
DeimosC2 botnet C2 server (confidence level: 75%)
hash18246
DeimosC2 botnet C2 server (confidence level: 75%)
hash18665
DeimosC2 botnet C2 server (confidence level: 75%)
hash19432
DeimosC2 botnet C2 server (confidence level: 75%)
hash19925
DeimosC2 botnet C2 server (confidence level: 75%)
hash20546
DeimosC2 botnet C2 server (confidence level: 75%)
hash22368
DeimosC2 botnet C2 server (confidence level: 75%)
hash23890
DeimosC2 botnet C2 server (confidence level: 75%)
hash24893
DeimosC2 botnet C2 server (confidence level: 75%)
hash26034
DeimosC2 botnet C2 server (confidence level: 75%)
hash26791
DeimosC2 botnet C2 server (confidence level: 75%)
hash27807
DeimosC2 botnet C2 server (confidence level: 75%)
hash28866
DeimosC2 botnet C2 server (confidence level: 75%)
hash29024
DeimosC2 botnet C2 server (confidence level: 75%)
hash29783
DeimosC2 botnet C2 server (confidence level: 75%)
hash29911
DeimosC2 botnet C2 server (confidence level: 75%)
hash30699
DeimosC2 botnet C2 server (confidence level: 75%)
hash31095
DeimosC2 botnet C2 server (confidence level: 75%)
hash3128
DeimosC2 botnet C2 server (confidence level: 75%)
hash31307
DeimosC2 botnet C2 server (confidence level: 75%)
hash31830
DeimosC2 botnet C2 server (confidence level: 75%)
hash6825
DeimosC2 botnet C2 server (confidence level: 75%)
hash8888
Sliver botnet C2 server (confidence level: 75%)
hash443
DanaBot botnet C2 server (confidence level: 75%)
hash8085
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
Sliver botnet C2 server (confidence level: 100%)
hash443
Sliver botnet C2 server (confidence level: 100%)
hash8888
Unknown malware botnet C2 server (confidence level: 100%)
hash6606
AsyncRAT botnet C2 server (confidence level: 100%)
hash2004
AsyncRAT botnet C2 server (confidence level: 100%)
hash1000
AsyncRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash14782
Quasar RAT botnet C2 server (confidence level: 100%)
hash591
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash8856
AsyncRAT botnet C2 server (confidence level: 100%)
hash4449
AsyncRAT botnet C2 server (confidence level: 100%)
hash443
AsyncRAT botnet C2 server (confidence level: 100%)
hash56266
AsyncRAT botnet C2 server (confidence level: 100%)
hash1125
AsyncRAT botnet C2 server (confidence level: 100%)
hash51311
AsyncRAT botnet C2 server (confidence level: 100%)
hash18254
XWorm botnet C2 server (confidence level: 100%)
hash5555
XWorm botnet C2 server (confidence level: 100%)
hash1194
XWorm botnet C2 server (confidence level: 100%)
hash1194
XWorm botnet C2 server (confidence level: 100%)
hash2632
XWorm botnet C2 server (confidence level: 100%)
hash49155
XWorm botnet C2 server (confidence level: 100%)
hash24703
XWorm botnet C2 server (confidence level: 100%)
hash1234
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash3392
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash1123
XWorm botnet C2 server (confidence level: 100%)
hash7234
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash7771
XWorm botnet C2 server (confidence level: 100%)
hash61522
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash31659
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash5555
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash59366
XWorm botnet C2 server (confidence level: 100%)
hash64820
XWorm botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash5637
Remcos botnet C2 server (confidence level: 100%)
hash53648
Remcos botnet C2 server (confidence level: 100%)
hash1212
Remcos botnet C2 server (confidence level: 100%)
hash5890
Remcos botnet C2 server (confidence level: 100%)
hash28015
NjRAT botnet C2 server (confidence level: 100%)
hash4782
Nanocore RAT botnet C2 server (confidence level: 100%)
hash81
CyberGate botnet C2 server (confidence level: 100%)
hash6112
CyberGate botnet C2 server (confidence level: 100%)
hash84
CyberGate botnet C2 server (confidence level: 100%)
hash81
CyberGate botnet C2 server (confidence level: 100%)
hash666
Bashlite botnet C2 server (confidence level: 100%)
hash12345
Bashlite botnet C2 server (confidence level: 100%)
hash1604
DarkComet botnet C2 server (confidence level: 100%)
hash4411
DarkComet botnet C2 server (confidence level: 100%)
hash3460
DarkComet botnet C2 server (confidence level: 100%)
hash1604
DarkComet botnet C2 server (confidence level: 100%)
hash1605
DarkComet botnet C2 server (confidence level: 100%)
hash1604
DarkComet botnet C2 server (confidence level: 100%)
hash1604
DarkComet botnet C2 server (confidence level: 100%)
hash999
DarkComet botnet C2 server (confidence level: 100%)
hash100
DarkComet botnet C2 server (confidence level: 100%)
hash80
Cobalt Strike botnet C2 server (confidence level: 75%)
hash8443
Cobalt Strike botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash7777
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
AMOS botnet C2 server (confidence level: 75%)
hash8237
Antidot botnet C2 server (confidence level: 75%)
hash15847
SectopRAT botnet C2 server (confidence level: 75%)
hash9000
SectopRAT botnet C2 server (confidence level: 75%)
hash31337
Sliver botnet C2 server (confidence level: 50%)
hash31337
Sliver botnet C2 server (confidence level: 50%)
hash31337
Sliver botnet C2 server (confidence level: 50%)
hash31337
Sliver botnet C2 server (confidence level: 50%)
hash3306
BlackShades botnet C2 server (confidence level: 50%)
hash10134
Orcus RAT botnet C2 server (confidence level: 50%)
hash56999
MooBot botnet C2 server (confidence level: 100%)
hash8347
Remcos botnet C2 server (confidence level: 100%)
hash31415
Quasar RAT botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash7723
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash9931
Mirai botnet C2 server (confidence level: 75%)
hash3333
NjRAT botnet C2 server (confidence level: 100%)
hash15666
Meduza Stealer botnet C2 server (confidence level: 100%)
hash443
DanaBot botnet C2 server (confidence level: 100%)
hash443
DanaBot botnet C2 server (confidence level: 100%)
hash8080
Cobalt Strike botnet C2 server (confidence level: 100%)
hash7707
AsyncRAT botnet C2 server (confidence level: 100%)
hash4433
Havoc botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash21
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash2079
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash8080
ERMAC botnet C2 server (confidence level: 100%)
hash443
DeimosC2 botnet C2 server (confidence level: 75%)
hash60000
Unknown malware botnet C2 server (confidence level: 75%)
hash443
DeimosC2 botnet C2 server (confidence level: 75%)
hash10252
DeimosC2 botnet C2 server (confidence level: 75%)
hash11755
DeimosC2 botnet C2 server (confidence level: 75%)
hash17603
DeimosC2 botnet C2 server (confidence level: 75%)
hash18244
DeimosC2 botnet C2 server (confidence level: 75%)
hash23820
DeimosC2 botnet C2 server (confidence level: 75%)
hash24220
DeimosC2 botnet C2 server (confidence level: 75%)
hash25486
DeimosC2 botnet C2 server (confidence level: 75%)
hash26193
DeimosC2 botnet C2 server (confidence level: 75%)
hash27506
DeimosC2 botnet C2 server (confidence level: 75%)
hash28015
DeimosC2 botnet C2 server (confidence level: 75%)
hash28911
DeimosC2 botnet C2 server (confidence level: 75%)
hash29016
DeimosC2 botnet C2 server (confidence level: 75%)
hash29924
DeimosC2 botnet C2 server (confidence level: 75%)
hash30358
DeimosC2 botnet C2 server (confidence level: 75%)
hash3116
DeimosC2 botnet C2 server (confidence level: 75%)
hash8888
Sliver botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 75%)
hash65218
NjRAT botnet C2 server (confidence level: 100%)

Domain

domaindarkhaked1234.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainremotehokben.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domainmalthegreat.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainm0eslem.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainicqservice.serveirc.com
CyberGate botnet C2 domain (confidence level: 100%)
domaincyberga4teh5cking.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domaincooperr.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainloto.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainnaconjo.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainblackwalllie.no-ip.info
CyberGate botnet C2 domain (confidence level: 100%)
domainvivahopy1.sytes.net
CyberGate botnet C2 domain (confidence level: 100%)
domainstiuvert.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainhmssal7ob.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainwardy94.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainpopodepepe.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainhackguner.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainseki111.no-ip.info
CyberGate botnet C2 domain (confidence level: 100%)
domainjavaupdater.servehttp.com
CyberGate botnet C2 domain (confidence level: 100%)
domainewfewf.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainupdater200.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainhackernabli.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domainnewhome.homelinux.com
CyberGate botnet C2 domain (confidence level: 100%)
domainsagegc.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainshitheads.no-ip.com
CyberGate botnet C2 domain (confidence level: 100%)
domainugandascape.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domaindainius1122.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainanmelden1231.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domaindeniszhack.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domainaravind11301.no-ip.info
CyberGate botnet C2 domain (confidence level: 100%)
domaincfyserver.sytes.net
CyberGate botnet C2 domain (confidence level: 100%)
domainkarizma05.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainjillnet.hopto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainxspas.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainmyserverfree.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domainzagkorat.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainsecurex812.no-ip.info
CyberGate botnet C2 domain (confidence level: 100%)
domainglorty1.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainxxben240xx.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainthanhhoai.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domainsmel45454.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainifp2011.no-ip.info
CyberGate botnet C2 domain (confidence level: 100%)
domainretchard.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domainownedyou1125.no-ip.org
CyberGate botnet C2 domain (confidence level: 100%)
domainh2x2.myftp.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainmetus1337.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainflapdrolyordi.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainvolemal.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainrandom1p.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainsystem30.servegame.com
CyberGate botnet C2 domain (confidence level: 100%)
domaintestgivi.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainshowonnnnn.no-ip.info
CyberGate botnet C2 domain (confidence level: 100%)
domains3ds3ood2010.no-ip.biz
CyberGate botnet C2 domain (confidence level: 100%)
domainfuntoushe-77.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domainadminftp.ftpaccess.cc
CyberGate botnet C2 domain (confidence level: 100%)
domainmaier-maxi.zapto.org
CyberGate botnet C2 domain (confidence level: 100%)
domaintylerb0ss.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainzooma151.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainraul1115.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainsourcegen.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainghoststarcraft.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domain75as4d53a1sd.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domaincerebrius.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domainblackzx.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainmatt.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainmoehome.dyndns.org
DarkComet botnet C2 domain (confidence level: 100%)
domainmylovely.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domaindaniele2.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domainasm296.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domaingarcon.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainadsa123.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domaincl0m3nt.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domaintaping.duckdns.org
DarkComet botnet C2 domain (confidence level: 100%)
domainromhacker.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domaindarkserver.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domainrabun95.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainkromoz23.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domaincruee.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainsbregar.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domaintrinydarkcomet.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainjacker.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domainretards.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domainsahli.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainmeexonline.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainnorgledys.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainsocold.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainace369258147.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainiamusinganoip.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainpointblankv1.duckdns.org
DarkComet botnet C2 domain (confidence level: 100%)
domainxmgx.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainblackzx.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainr3xr3g1s.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domainwelljack.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainarsene.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainygo.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domainw0xx-24.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainsonykuccio.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainleethackers.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domaincybertechnologyinc.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainglhacker.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domaintommyhf.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainomerexpert.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domaininworld.vip.sh
DarkComet botnet C2 domain (confidence level: 100%)
domainsprk.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domaindestructoid.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainka8evdei.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domainzackzm.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domainwinrarsfx.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domainedog778.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainuoku.sytes.net
DarkComet botnet C2 domain (confidence level: 100%)
domainr-wlany.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainturkuhacker70.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domain357hftphhm.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainserverbudau.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainfingers.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainwilliamm.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainforum.3utilities.com
DarkComet botnet C2 domain (confidence level: 100%)
domaingoogler.3utilities.com
DarkComet botnet C2 domain (confidence level: 100%)
domainoox.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainhoszelaar.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainleethost.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domaincgdutchn00bz.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainetclan.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainhackman.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainr3c0n.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainomaromar.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domaingniewkowiec0359.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domainmrlokoniqq.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainmisteryou79.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainface005.zapto.org
DarkComet botnet C2 domain (confidence level: 100%)
domainlololol.hopto.org
DarkComet botnet C2 domain (confidence level: 100%)
domainarpej.duckdns.org
DarkComet botnet C2 domain (confidence level: 100%)
domainwelljacker.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainfoxiland.no-ip.info
DarkComet botnet C2 domain (confidence level: 100%)
domainbsserver1337.no-ip.biz
DarkComet botnet C2 domain (confidence level: 100%)
domainwinrarsfx.linkpc.net
DarkComet botnet C2 domain (confidence level: 100%)
domainonev1sb.top
CryptBot botnet C2 domain (confidence level: 100%)
domainforz4pt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonev1pt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainforbz4sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonev1sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintwov2sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonexv1pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainforbz4pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonexv1vs.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintwoxv2pt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainsixxv6pt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonexv1pt.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintwoxv2sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainthrexv3sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainfivexv5sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonexv1sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainsixxv6sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonexc1pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainthreq3pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainsixxc6pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintwoxc2pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainfivexx5pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainsixxc6pt.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintwoxc2pt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainsixxc6vt.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintwoxc2vt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainfivexx5vt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonexc1vt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainthrexx3vt.top
CryptBot botnet C2 domain (confidence level: 100%)
domainneizx9vs.top
CryptBot botnet C2 domain (confidence level: 100%)
domainonezc1vs.top
CryptBot botnet C2 domain (confidence level: 100%)
domainsixzx6vs.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintwozx2vs.top
CryptBot botnet C2 domain (confidence level: 100%)
domainthrtuu13pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainthrtjj13sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domainfiveuu5pn.top
CryptBot botnet C2 domain (confidence level: 100%)
domainfrtnjj14sr.top
CryptBot botnet C2 domain (confidence level: 100%)
domaintenpp10sb.top
CryptBot botnet C2 domain (confidence level: 100%)
domaincheck.kaqpw.icu
ClearFake payload delivery domain (confidence level: 100%)
domainpeactefulpath.top
Lumma Stealer botnet C2 domain (confidence level: 100%)
domainads.green-pickle-jo.shop
ClearFake payload delivery domain (confidence level: 100%)
domainsqairs.com
AMOS botnet C2 domain (confidence level: 100%)
domainfestalferalweek.online
Antidot botnet C2 domain (confidence level: 100%)
domaincheck.zuzcq.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.revrb.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.gyhxr.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.tusmh.icu
ClearFake payload delivery domain (confidence level: 100%)
domaindigitalservice.ddnsguru.com
AsyncRAT botnet C2 domain (confidence level: 50%)
domaincheck.mojtf.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.reqpn.icu
ClearFake payload delivery domain (confidence level: 100%)
domainb.gewrye.shop
Lumma Stealer botnet C2 domain (confidence level: 100%)
domaincheck.powqg.icu
ClearFake payload delivery domain (confidence level: 100%)
domainu1.giddinessrebirth.shop
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.hivrv.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.qyfmx.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.fimdp.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.zibzr.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.goccb.icu
ClearFake payload delivery domain (confidence level: 100%)
domaincheck.qoqsn.icu
ClearFake payload delivery domain (confidence level: 100%)
domaindasdv1.service1921.club
Mirai botnet C2 domain (confidence level: 50%)
domainnumbers-insights.gl.at.ply.gg
Quasar RAT botnet C2 domain (confidence level: 50%)
domainh4x000r.duckdns.org
Revenge RAT botnet C2 domain (confidence level: 50%)
domainglobal-bibliographic.gl.at.ply.gg
XWorm botnet C2 domain (confidence level: 50%)
domainnetwork.dhcpclient.com
Cobalt Strike botnet C2 domain (confidence level: 75%)

Url


Threat ID: 682acdc3bbaf20d303f20062

Added to database: 5/19/2025, 6:20:52 AM

Last enriched: 6/18/2025, 8:20:27 AM

Last updated: 8/18/2025, 8:32:07 AM

Views: 18
