ThreatFox IOCs for 2025-08-10

Severity: Medium
Published: Sun Aug 10 2025 (08/10/2025, 00:00:00 UTC)
Source: ThreatFox MISP Feed
Vendor/Project: type
Product: osint

Description

ThreatFox IOCs for 2025-08-10

AI-Powered Analysis

Last updated: 08/11/2025, 00:32:52 UTC

Technical Analysis

The provided information pertains to a set of Indicators of Compromise (IOCs) published on August 10, 2025, sourced from the ThreatFox MISP Feed. The threat is categorized under 'malware' with a focus on OSINT (Open Source Intelligence), payload delivery, and network activity. However, the details are minimal, with no specific affected software versions, no known exploits in the wild, and no patches available. The threat level is indicated as medium (threatLevel: 2), with moderate distribution (distribution: 3) and low analysis confidence (analysis: 1). The absence of concrete technical details, such as specific malware families, attack vectors, or exploitation techniques, limits the depth of analysis. The threat appears to be a collection or dissemination of IOCs related to malware activities rather than a direct vulnerability or exploit. The TLP (Traffic Light Protocol) is white, indicating the information is publicly shareable. Overall, this represents an OSINT-based threat intelligence update rather than an active or novel exploit targeting specific systems.

Potential Impact

For European organizations, the impact of this threat is currently limited due to the lack of specific actionable indicators or known exploits. Since no particular software or hardware is identified as vulnerable, and no active exploitation is reported, the immediate risk is low to medium. However, the presence of IOCs related to payload delivery and network activity suggests that these indicators could be used by security teams to enhance detection capabilities. If these IOCs correspond to emerging malware campaigns, organizations could face risks such as data exfiltration, service disruption, or unauthorized access if they fail to monitor and respond appropriately. The medium severity rating implies a moderate potential for impact, primarily through network-based threats that could affect confidentiality and availability if exploited. European organizations should remain vigilant, especially those in sectors with high exposure to network threats, such as finance, critical infrastructure, and government.

Mitigation Recommendations

Given the nature of this threat as an OSINT IOC update without specific exploit details, mitigation should focus on enhancing detection and response capabilities. Organizations should:

1) Integrate the provided IOCs into their Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) systems to improve monitoring for related malicious activity.
2) Conduct network traffic analysis to identify unusual payload delivery attempts or suspicious network behavior aligned with the IOCs.
3) Maintain up-to-date threat intelligence feeds and collaborate with information sharing groups to receive timely updates.
4) Implement strict network segmentation and access controls to limit potential lateral movement if an infection occurs.
5) Conduct regular security awareness training to reduce the risk of successful payload delivery via phishing or social engineering.
6) Since no patches are available, focus on hardening systems and applying best practices for malware prevention and detection.

These steps go beyond generic advice by emphasizing proactive IOC integration and network behavior analysis tailored to the threat's characteristics.

Technical Details

Threat Level: 2
Analysis: 1
Distribution: 3
UUID: 202f5fb7-b80f-46da-9f3f-5235dcab20fc
Original Timestamp: 1754870585

Indicators of Compromise

Domain


File


Hash

hashffe0a90a475c34f509ac5fbc65e084dd172d317219ad6705d2b9537b3312f93a
DarkTortilla payload (confidence level: 95%)
hash4b6452824f90e57493bf37a6a8f7c57c
DarkTortilla payload (confidence level: 95%)
hashe8e72b5f06f5f9794a163b3fe95269725383905d
DarkTortilla payload (confidence level: 95%)
hash7085e3a803cd04ff43f726c07816734eb4fcf9499b432d67e35c193c663cde1b
DarkTortilla payload (confidence level: 95%)
hash2e5f94bd5dc6742857b0cfa7c527e1c8
DarkTortilla payload (confidence level: 95%)
hash7b516a6fcf394e6ba4400c0bc001577482fbd65e
DarkTortilla payload (confidence level: 95%)
hash6653cce08c5ab06774969078862848e6c92684340a10c7a5845f0e934636c704
DarkTortilla payload (confidence level: 95%)
hashf90f1d0a1e44e7b57b4cf0118c1e7428
DarkTortilla payload (confidence level: 95%)
hashaf31124fe253d0d1307fb85d2a26af499ea6e7c2
DarkTortilla payload (confidence level: 95%)
hash244807fd2a661a53498aff35f940dea0caea6dcc8d1244af8c5cce268d23c117
DarkTortilla payload (confidence level: 95%)
hash94735216fc366c3044b9d0e6652986c7
DarkTortilla payload (confidence level: 95%)
hashc2a50a8b66f92518797d8e1b7bdb7f03cba0bd81
Vidar payload (confidence level: 95%)
hash533a1cbaf3c2c3104d299f74907cf34a2ce7e27835d117986e07fdd16b0114be
Vidar payload (confidence level: 95%)
hashda1ec633cbc721da3503c1892e9f257e
Vidar payload (confidence level: 95%)
hash78c377c81b5e5d035245f8f512160471c26d24ab
Coinminer payload (confidence level: 95%)
hash86db807cd88d69d17858f9b9e6ca7c13849842aeb4b81728455137390bd42c76
Coinminer payload (confidence level: 95%)
hash7a6a258eeede298f7d42c892fc1ceebe
Coinminer payload (confidence level: 95%)
hash7f39c28be076c882eddb779c9325a90a691d5aa2
RedLine Stealer payload (confidence level: 95%)
hashf8adb7a5f15c39d7df9be8921dea850cccad2e6f3881b8ec17a2527e5ab0ff3e
RedLine Stealer payload (confidence level: 95%)
hash0a6b91d174e06c4b8f9f90dd16b0e9f4
RedLine Stealer payload (confidence level: 95%)
hash35c6af29635c53f46dee9a772ec9dbf7ad3762b0
RokRAT payload (confidence level: 95%)
hashc8ed2f537f20c0085836325c810c2603be6b29251ece8c9f8e2e8873ba5b23e5
RokRAT payload (confidence level: 95%)
hash6cc7d7b678c59efaae9dc02bc193848d
RokRAT payload (confidence level: 95%)
hash136b229c49ef4d359c0ae7f11baacbee94051787
Stealc payload (confidence level: 95%)
hashe08a7ed1e201f5564f8ec101f6f5faff7b93f3d72e340e707e0d4bead84ebe2b
Stealc payload (confidence level: 95%)
hash1c5c089ba5b20bdd4b9c0effa0f3d7b9
Stealc payload (confidence level: 95%)
hash3456
Ghost RAT botnet C2 server (confidence level: 75%)
hash7443
Unknown malware botnet C2 server (confidence level: 100%)
hash4782
Quasar RAT botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash9090
Unknown malware botnet C2 server (confidence level: 100%)
hash19287
Unknown malware botnet C2 server (confidence level: 100%)
hash501
Unknown malware botnet C2 server (confidence level: 100%)
hash1860
Unknown malware botnet C2 server (confidence level: 100%)
hash3000
Unknown malware botnet C2 server (confidence level: 100%)
hash4840
Unknown malware botnet C2 server (confidence level: 100%)
hash24720
Unknown malware botnet C2 server (confidence level: 100%)
hash32222
Unknown malware botnet C2 server (confidence level: 100%)
hash2701
Unknown malware botnet C2 server (confidence level: 100%)
hash60000
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash8443
Unknown malware botnet C2 server (confidence level: 100%)
hash8088
Unknown malware botnet C2 server (confidence level: 100%)
hash10443
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash23
Bashlite botnet C2 server (confidence level: 90%)
hash80
BianLian botnet C2 server (confidence level: 100%)
hash2444
Remcos botnet C2 server (confidence level: 100%)
hash3260
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash443
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash80
Brute Ratel C4 botnet C2 server (confidence level: 100%)
hash10001
Xtreme RAT botnet C2 server (confidence level: 100%)
hash1888
ValleyRAT botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash8080
AsyncRAT botnet C2 server (confidence level: 100%)
hash8585
Quasar RAT botnet C2 server (confidence level: 100%)
hash1889
ValleyRAT botnet C2 server (confidence level: 100%)
hash1899
ValleyRAT botnet C2 server (confidence level: 100%)
hash4783
Quasar RAT botnet C2 server (confidence level: 75%)
hash8848
DCRat botnet C2 server (confidence level: 100%)
hash50376
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash18138
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash48591
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash10001
Xtreme RAT botnet C2 server (confidence level: 100%)
hash49202
Rhadamanthys botnet C2 server (confidence level: 100%)
hash443
DeimosC2 botnet C2 server (confidence level: 75%)
hash443
DeimosC2 botnet C2 server (confidence level: 75%)
hash10984
NjRAT botnet C2 server (confidence level: 75%)
hash7777
ValleyRAT botnet C2 server (confidence level: 100%)
hash443
Cobalt Strike botnet C2 server (confidence level: 100%)
hash7000
XWorm botnet C2 server (confidence level: 100%)
hash443
Remcos botnet C2 server (confidence level: 100%)
hash53105
Remcos botnet C2 server (confidence level: 100%)
hash443
Sliver botnet C2 server (confidence level: 100%)
hash4782
Quasar RAT botnet C2 server (confidence level: 100%)
hash4449
Venom RAT botnet C2 server (confidence level: 100%)
hash4443
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash28234
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash80
MooBot botnet C2 server (confidence level: 100%)
hash4444
Cobalt Strike botnet C2 server (confidence level: 100%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
Cobalt Strike botnet C2 server (confidence level: 100%)
hash1080
Cobalt Strike botnet C2 server (confidence level: 100%)
hash63091
XWorm botnet C2 server (confidence level: 100%)
hash4444
XenoRAT botnet C2 server (confidence level: 100%)
hash50080
Cobalt Strike botnet C2 server (confidence level: 100%)
hash1604
DarkComet botnet C2 server (confidence level: 100%)
hash8080
Chaos botnet C2 server (confidence level: 100%)
hash10001
Xtreme RAT botnet C2 server (confidence level: 100%)
hash8880
ValleyRAT botnet C2 server (confidence level: 100%)
hash8080
NjRAT botnet C2 server (confidence level: 100%)
hash8080
Cobalt Strike botnet C2 server (confidence level: 100%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
Cobalt Strike botnet C2 server (confidence level: 100%)
hash80
Ghost RAT botnet C2 server (confidence level: 100%)
hash2404
Remcos botnet C2 server (confidence level: 100%)
hash31337
Sliver botnet C2 server (confidence level: 100%)
hash2222
AsyncRAT botnet C2 server (confidence level: 100%)
hash80
AsyncRAT botnet C2 server (confidence level: 100%)
hash80
Hook botnet C2 server (confidence level: 100%)
hash6443
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash38783
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash4000
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash8000
MimiKatz botnet C2 server (confidence level: 100%)
hash443
QakBot botnet C2 server (confidence level: 75%)
hash41399
XWorm botnet C2 server (confidence level: 100%)

Url


Threat ID: 6899369dad5a09ad001cc375

Added to database: 8/11/2025, 12:17:33 AM

Last enriched: 8/11/2025, 12:32:52 AM

Last updated: 8/11/2025, 6:17:33 AM
