ThreatFox IOCs for 2025-03-20

Medium
Published: Thu Mar 20 2025 (03/20/2025, 00:00:00 UTC)
Source: ThreatFox
Vendor/Project: type
Product: osint

Description

ThreatFox IOCs for 2025-03-20

AI-Powered Analysis

Last updated: 06/19/2025, 15:48:48 UTC

Technical Analysis

The provided threat intelligence relates to a malware-related report titled "ThreatFox IOCs for 2025-03-20," sourced from ThreatFox, a platform known for sharing Indicators of Compromise (IOCs) and threat intelligence data. The report is categorized under 'type:osint,' indicating that it primarily involves open-source intelligence data rather than a specific malware family or exploit. There are no affected product versions or specific vulnerabilities listed, and no known exploits in the wild have been reported. The technical details include a threat level of 2 (on an unspecified scale), an analysis rating of 1, and a distribution rating of 3, suggesting moderate dissemination or visibility of the threat indicators. The absence of concrete IOCs, CWE identifiers, or patch links implies that this report serves as a situational awareness update rather than detailing an active or emerging exploit. The medium severity rating assigned by the source likely reflects the potential for this intelligence to aid in detecting or mitigating malware threats rather than indicating a direct, immediate risk. Overall, this threat intelligence appears to be a collection or update of OSINT-based malware indicators that could support defensive operations but does not describe a novel or actively exploited vulnerability or malware strain.

Potential Impact

For European organizations, the impact of this threat intelligence is primarily informational and preparatory. Since no specific malware variants, vulnerabilities, or exploits are detailed, the direct risk to confidentiality, integrity, or availability is limited at this stage. However, the distribution rating of 3 suggests that the associated IOCs or related malware activity may be moderately widespread, which could imply that European entities might encounter related threats if they rely on the shared OSINT for detection. The medium severity indicates that while the threat is not immediately critical, organizations should remain vigilant, as the intelligence could help identify or prevent malware infections. The lack of known exploits in the wild reduces the urgency but does not eliminate the possibility of future exploitation. European organizations involved in cybersecurity monitoring, threat hunting, or incident response could benefit from integrating this intelligence to enhance detection capabilities. The impact is thus strategic and operational rather than immediate or catastrophic.

Mitigation Recommendations

Given the nature of this threat intelligence as an OSINT-based update without specific vulnerabilities or exploits, mitigation should focus on enhancing threat detection and response capabilities. Organizations should:

1) Integrate the provided IOCs (when available) into existing security information and event management (SIEM) systems and endpoint detection and response (EDR) tools to improve detection of related malware activity.
2) Maintain up-to-date threat intelligence feeds and ensure security teams are trained to interpret and act on OSINT data effectively.
3) Conduct regular threat hunting exercises leveraging the latest OSINT to proactively identify potential compromises.
4) Collaborate with information sharing and analysis centers (ISACs) relevant to their sector and region to receive timely updates and contextualize threat intelligence.
5) Ensure robust incident response plans are in place to quickly contain and remediate any malware infections detected through these indicators.

These steps go beyond generic advice by emphasizing operational integration of OSINT and proactive threat hunting tailored to the intelligence provided.

Technical Details

Threat Level: 2
Analysis: 1
Distribution: 3
UUID: 5ab893f2-505c-456a-9f35-c69aa0224623
Original Timestamp: 1742515386

Indicators of Compromise

Url


File


Hash

hash8888
Cobalt Strike botnet C2 server (confidence level: 100%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash2222
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
Cobalt Strike botnet C2 server (confidence level: 100%)
hash2404
Remcos botnet C2 server (confidence level: 100%)
hash2404
Remcos botnet C2 server (confidence level: 100%)
hash3191
Remcos botnet C2 server (confidence level: 100%)
hash443
pupy botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash6606
AsyncRAT botnet C2 server (confidence level: 100%)
hash444
AsyncRAT botnet C2 server (confidence level: 100%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash445
Havoc botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash4433
DCRat botnet C2 server (confidence level: 100%)
hash443
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash503
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash9999
MooBot botnet C2 server (confidence level: 100%)
hash8080
MimiKatz botnet C2 server (confidence level: 100%)
hash8080
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
DeimosC2 botnet C2 server (confidence level: 75%)
hash995
QakBot botnet C2 server (confidence level: 75%)
hash80
Broomstick botnet C2 server (confidence level: 75%)
hash60000
Unknown malware botnet C2 server (confidence level: 75%)
hash2405
Rhadamanthys botnet C2 server (confidence level: 100%)
hash10890
Remcos botnet C2 server (confidence level: 75%)
hash49067
Remcos botnet C2 server (confidence level: 75%)
hash101
Mirai botnet C2 server (confidence level: 100%)
hash101
Mirai botnet C2 server (confidence level: 100%)
hash3
Mirai botnet C2 server (confidence level: 100%)
hash5000
DOPLUGS botnet C2 server (confidence level: 100%)
hash443
DOPLUGS botnet C2 server (confidence level: 100%)
hash4443
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
Cobalt Strike botnet C2 server (confidence level: 100%)
hash8088
Cobalt Strike botnet C2 server (confidence level: 100%)
hash8088
Cobalt Strike botnet C2 server (confidence level: 100%)
hash18444
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
Cobalt Strike botnet C2 server (confidence level: 100%)
hash5000
Remcos botnet C2 server (confidence level: 100%)
hash46167
Remcos botnet C2 server (confidence level: 100%)
hash8888
Unknown malware botnet C2 server (confidence level: 100%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash8089
Hook botnet C2 server (confidence level: 100%)
hash8848
DCRat botnet C2 server (confidence level: 100%)
hash80
Stealc botnet C2 server (confidence level: 100%)
hash4000
Unknown malware botnet C2 server (confidence level: 100%)
hash4443
Cobalt Strike botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 75%)
hash443
Cobalt Strike botnet C2 server (confidence level: 75%)
hash443
Cobalt Strike botnet C2 server (confidence level: 75%)
hash8443
Cobalt Strike botnet C2 server (confidence level: 75%)
hash8081
Cobalt Strike botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 75%)
hash8443
Cobalt Strike botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 75%)
hash14131
NjRAT botnet C2 server (confidence level: 75%)
hash14131
NjRAT botnet C2 server (confidence level: 75%)
hash47925
Mirai botnet C2 server (confidence level: 75%)
hash18848
NjRAT botnet C2 server (confidence level: 75%)
hash1995
Mirai botnet C2 server (confidence level: 75%)
hash443
Sliver botnet C2 server (confidence level: 100%)
hash2000
AsyncRAT botnet C2 server (confidence level: 100%)
hash3306
AsyncRAT botnet C2 server (confidence level: 100%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash8089
Hook botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash50001
Cobalt Strike botnet C2 server (confidence level: 100%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash2571
Remcos botnet C2 server (confidence level: 100%)
hash8080
Sliver botnet C2 server (confidence level: 100%)
hash9090
AsyncRAT botnet C2 server (confidence level: 100%)
hash8888
AsyncRAT botnet C2 server (confidence level: 100%)
hash8089
Hook botnet C2 server (confidence level: 100%)
hash4433
DCRat botnet C2 server (confidence level: 100%)
hash3796
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash80
MooBot botnet C2 server (confidence level: 100%)
hash60000
Unknown malware botnet C2 server (confidence level: 75%)
hash8080
Havoc botnet C2 server (confidence level: 75%)
hash995
QakBot botnet C2 server (confidence level: 75%)
hash443
QakBot botnet C2 server (confidence level: 75%)
hash8443
Meterpreter botnet C2 server (confidence level: 75%)

Domain

domainmobilefiledownload.com
PlugX botnet C2 domain (confidence level: 100%)
domainmojhaloton.com
PlugX botnet C2 domain (confidence level: 100%)
domainmrytlebeachinfo.com
PlugX botnet C2 domain (confidence level: 100%)
domainnewslandtoday.net
PlugX botnet C2 domain (confidence level: 100%)
domainoncalltechnical.com
PlugX botnet C2 domain (confidence level: 100%)
domainquickoffice360.com
PlugX botnet C2 domain (confidence level: 100%)
domainredactnews.com
PlugX botnet C2 domain (confidence level: 100%)
domainreformporta.com
PlugX botnet C2 domain (confidence level: 100%)
domainriversidebreakingnews.com
PlugX botnet C2 domain (confidence level: 100%)
domainsangkayrealnews.com
PlugX botnet C2 domain (confidence level: 100%)
domaintasensors.com
PlugX botnet C2 domain (confidence level: 100%)
domaintechoilproducts.com
PlugX botnet C2 domain (confidence level: 100%)
domaintigernewsmedia.com
PlugX botnet C2 domain (confidence level: 100%)
domaintruff-evadee.com
PlugX botnet C2 domain (confidence level: 100%)
domaintychonews.com
PlugX botnet C2 domain (confidence level: 100%)
domainusedownload.com
PlugX botnet C2 domain (confidence level: 100%)
domainvopaklatinamerica.com
PlugX botnet C2 domain (confidence level: 100%)
domainwindowsfiledownload.com
PlugX botnet C2 domain (confidence level: 100%)
domainrem9rrr.duckdns.org
Remcos botnet C2 domain (confidence level: 100%)
domainrem9rrr2.duckdns.org
Remcos botnet C2 domain (confidence level: 100%)
domaintentyfive5.ydns.eu
Quasar RAT botnet C2 domain (confidence level: 100%)
domainthirtyfive5.ydns.eu
Quasar RAT botnet C2 domain (confidence level: 100%)
domainthirtyfive335.crabdance.com
Quasar RAT botnet C2 domain (confidence level: 100%)
domainpipbinorel99.com
Remcos botnet C2 domain (confidence level: 100%)
domainautodiscover.a.multi-canale.com
Bashlite botnet C2 domain (confidence level: 100%)
domaincpcontacts.b.multi-canale.com
Bashlite botnet C2 domain (confidence level: 100%)
domaincpcontacts.eversioneweb.com
Bashlite botnet C2 domain (confidence level: 100%)
domainy.p.formaxprime.co.uk
Vidar botnet C2 domain (confidence level: 100%)
domaincheck.atuu7.icu
ClearFake payload delivery domain (confidence level: 100%)
domainunrealfabricdo.click
SectopRAT payload delivery domain (confidence level: 90%)
domainmrgenuis.no-ip.org
DarkComet botnet C2 domain (confidence level: 100%)
domainstarbits.world
Lumma Stealer botnet C2 domain (confidence level: 100%)
domaingetfiledata.com
DOPLUGS botnet C2 domain (confidence level: 100%)
domaincpanel.e.ora-0-web.com
Bashlite botnet C2 domain (confidence level: 100%)
domainautodiscover.e.ora-0-web.com
Bashlite botnet C2 domain (confidence level: 100%)
domainautodiscover.web-app-on.com
Bashlite botnet C2 domain (confidence level: 100%)
domainautodiscover.m.web-app-on.com
Bashlite botnet C2 domain (confidence level: 100%)
domainmail.e.ora-0-web.com
Bashlite botnet C2 domain (confidence level: 100%)
domainvfclan.com
FAKEUPDATES payload delivery domain (confidence level: 100%)
domain1329742111-h1rmesk2t.ap-guangzhou.tencentscf.com
Cobalt Strike botnet C2 domain (confidence level: 75%)
domaina-0001.a2-msedge.net
Cobalt Strike botnet C2 domain (confidence level: 75%)
domaincngov.oss-cn-shanghai.aliyuncs.com
Cobalt Strike botnet C2 domain (confidence level: 75%)
domainmicrosofts.wiki
Cobalt Strike botnet C2 domain (confidence level: 75%)
domainoversizes.ghostgames.mom
Cobalt Strike botnet C2 domain (confidence level: 75%)
domainvozaspecial.com
Cobalt Strike botnet C2 domain (confidence level: 75%)
domainazmamiraixd.duckdns.org
Mirai botnet C2 domain (confidence level: 100%)
domainbot.gribostress.pro
Mirai botnet C2 domain (confidence level: 75%)
domaincpcontacts.efcommxerce.ru
Hook botnet C2 domain (confidence level: 100%)

Threat ID: 682c7db8e8347ec82d2bff06

Added to database: 5/20/2025, 1:03:52 PM

Last enriched: 6/19/2025, 3:48:48 PM

Last updated: 7/25/2025, 6:28:34 PM

Views: 15
