
ThreatFox IOCs for 2026-02-01

Medium
Published: Sun Feb 01 2026 (02/01/2026, 00:00:00 UTC)
Source: ThreatFox MISP Feed
Vendor/Project: type
Product: osint

Description

ThreatFox IOCs for 2026-02-01

AI-Powered Analysis

Last updated: 02/02/2026, 00:12:09 UTC

Technical Analysis

This entry from the ThreatFox MISP feed, dated 2026-02-01, provides a set of Indicators of Compromise (IOCs) related to malware activity, tagged under OSINT, network activity, and payload delivery. The report lacks detailed technical information such as specific malware families, affected software versions, or attack vectors. No Common Weakness Enumerations (CWEs) are listed, and no patches or known exploits are associated with it, which indicates an intelligence update rather than a description of an active exploit or vulnerability. The threat level is rated low (threat level 2) with moderate distribution (3), suggesting some dissemination of related data but limited immediate threat. The absence of indicators and technical details limits the depth of forensic or defensive action that can be taken. This type of report is typical of OSINT feeds that aggregate and share threat intelligence to support early detection and situational awareness. The medium severity rating most likely reflects the value of these IOCs for network monitoring and incident response rather than an active, high-impact threat. Organizations can use this information to update detection rules and monitor for suspicious network activity or payload delivery attempts that match the shared intelligence.

Potential Impact

The potential impact of this threat on European organizations is currently limited because no specific exploit details or active campaigns are described. Since no known exploits or patches are associated with the entry, the immediate risk of compromise is low. However, the network activity and payload delivery categories suggest that these IOCs may point to malware campaigns or intrusion attempts that could target European networks. Organizations that rely heavily on OSINT for threat detection may benefit from integrating these IOCs to strengthen their monitoring capabilities. If used by attackers, the associated infrastructure could support the reconnaissance or initial access phases of an intrusion, affecting confidentiality and availability if payloads are successfully delivered. The medium severity rating implies a moderate risk that warrants attention but does not indicate an urgent or critical threat. Overall, the impact is on defensive posture and situational awareness rather than on direct operational disruption at this time.

Mitigation Recommendations

1. Integrate the provided IOCs into existing Security Information and Event Management (SIEM) systems and threat intelligence platforms to enhance detection capabilities.
2. Conduct regular network traffic analysis focusing on unusual payload delivery patterns or connections matching the threat intelligence.
3. Maintain updated endpoint detection and response (EDR) solutions to identify and isolate suspicious activities related to malware payloads.
4. Enhance employee awareness and training on recognizing phishing or social engineering attempts that could lead to payload delivery.
5. Collaborate with national and European cybersecurity centers to share and receive updated threat intelligence.
6. Implement network segmentation and strict access controls to limit the spread of potential malware infections.
7. Regularly review and update incident response plans to incorporate OSINT-derived intelligence for timely reaction.
8. Since no patches are available, focus on proactive detection and containment rather than remediation of vulnerabilities.


Technical Details

Threat Level
2
Analysis
1
Distribution
3
UUID
f7058780-8777-4556-8342-360b144cec82
Original Timestamp
1769990587

Indicators of Compromise

File

ValueDescriptionCopy
file130.193.34.57
Mirai botnet C2 server (confidence level: 80%)
file195.178.136.38
GCleaner botnet C2 server (confidence level: 100%)
file181.214.100.216
Sliver botnet C2 server (confidence level: 100%)
file161.97.182.121
Unknown malware botnet C2 server (confidence level: 100%)
file13.135.251.41
Meterpreter botnet C2 server (confidence level: 100%)
file185.125.91.3
Unknown malware botnet C2 server (confidence level: 100%)
file185.125.91.3
Unknown malware botnet C2 server (confidence level: 100%)
file91.92.120.109
PureLogs Stealer botnet C2 server (confidence level: 100%)
file82.146.49.236
Cobalt Strike botnet C2 server (confidence level: 100%)
file102.204.223.168
Unknown malware botnet C2 server (confidence level: 100%)
file158.94.208.135
AsyncRAT botnet C2 server (confidence level: 100%)
file143.198.215.97
Havoc botnet C2 server (confidence level: 100%)
file102.98.89.14
NetSupportManager RAT botnet C2 server (confidence level: 100%)
file91.215.85.39
PoshC2 botnet C2 server (confidence level: 100%)
file139.59.135.147
Meterpreter botnet C2 server (confidence level: 100%)
file185.26.236.215
NjRAT botnet C2 server (confidence level: 100%)
file144.172.102.252
Unknown malware botnet C2 server (confidence level: 75%)
file101.37.210.197
Cobalt Strike botnet C2 server (confidence level: 100%)
file178.17.62.24
Bashlite botnet C2 server (confidence level: 100%)
file190.255.92.38
Remcos botnet C2 server (confidence level: 100%)
file107.172.238.14
Remcos botnet C2 server (confidence level: 100%)
file102.204.223.152
Unknown malware botnet C2 server (confidence level: 100%)
file193.106.196.99
AsyncRAT botnet C2 server (confidence level: 100%)
file157.20.182.24
AsyncRAT botnet C2 server (confidence level: 100%)
file46.201.19.142
Venom RAT botnet C2 server (confidence level: 100%)
file167.86.142.38
NetSupportManager RAT botnet C2 server (confidence level: 100%)
file16.26.245.13
Meterpreter botnet C2 server (confidence level: 100%)
file16.26.245.13
Meterpreter botnet C2 server (confidence level: 100%)
file16.58.157.121
Unknown malware botnet C2 server (confidence level: 100%)
file13.250.222.197
Sliver botnet C2 server (confidence level: 75%)
file209.151.145.164
DeimosC2 botnet C2 server (confidence level: 75%)
file23.27.140.118
DeimosC2 botnet C2 server (confidence level: 75%)
file79.137.76.173
BianLian botnet C2 server (confidence level: 75%)
file38.180.137.181
PureLogs Stealer botnet C2 server (confidence level: 100%)
file172.111.213.109
Remcos botnet C2 server (confidence level: 100%)
file112.126.25.151
Unknown malware botnet C2 server (confidence level: 100%)
file143.110.252.240
Unknown malware botnet C2 server (confidence level: 100%)
file41.220.143.87
Unknown malware botnet C2 server (confidence level: 100%)
file150.158.12.220
Unknown malware botnet C2 server (confidence level: 100%)
file200.58.100.246
Unknown malware botnet C2 server (confidence level: 100%)
file170.187.237.39
Unknown malware botnet C2 server (confidence level: 100%)
file3.122.45.135
Unknown malware botnet C2 server (confidence level: 100%)
file157.250.202.55
Unknown malware botnet C2 server (confidence level: 100%)
file201.204.61.140
QakBot botnet C2 server (confidence level: 100%)
file103.57.220.129
XWorm botnet C2 server (confidence level: 100%)
file64.89.163.160
XWorm botnet C2 server (confidence level: 100%)
file120.79.89.234
Remcos botnet C2 server (confidence level: 100%)
file217.182.67.157
Sliver botnet C2 server (confidence level: 100%)
file77.238.248.158
SectopRAT botnet C2 server (confidence level: 100%)
file83.168.95.235
Unknown malware botnet C2 server (confidence level: 100%)
file34.229.232.38
Meterpreter botnet C2 server (confidence level: 100%)
file159.89.43.34
Empire Downloader botnet C2 server (confidence level: 100%)
file172.111.198.20
Quasar RAT botnet C2 server (confidence level: 100%)
file103.215.77.84
ValleyRAT botnet C2 server (confidence level: 100%)
file158.94.209.121
PureLogs Stealer botnet C2 server (confidence level: 100%)
file109.107.177.135
Unknown malware botnet C2 server (confidence level: 100%)
file45.74.0.135
Remcos botnet C2 server (confidence level: 100%)
file86.48.0.251
Unknown malware botnet C2 server (confidence level: 100%)
file85.17.54.227
AsyncRAT botnet C2 server (confidence level: 100%)
file91.84.100.170
GhostSocks botnet C2 server (confidence level: 100%)
file45.192.110.20
Quasar RAT botnet C2 server (confidence level: 100%)
file196.75.43.11
Meterpreter botnet C2 server (confidence level: 100%)
file185.234.73.46
Cobalt Strike botnet C2 server (confidence level: 75%)
file112.48.228.48
DeimosC2 botnet C2 server (confidence level: 75%)
file158.94.210.31
Remcos botnet C2 server (confidence level: 75%)
file172.86.114.24
Sliver botnet C2 server (confidence level: 75%)
file112.124.61.189
Cobalt Strike botnet C2 server (confidence level: 100%)
file45.154.98.170
Sliver botnet C2 server (confidence level: 100%)
file193.106.196.99
AsyncRAT botnet C2 server (confidence level: 100%)
file94.242.52.160
Quasar RAT botnet C2 server (confidence level: 100%)
file20.125.56.34
Havoc botnet C2 server (confidence level: 100%)
file45.89.125.181
AdaptixC2 botnet C2 server (confidence level: 100%)
file78.13.213.227
Meterpreter botnet C2 server (confidence level: 100%)
file78.13.213.227
Meterpreter botnet C2 server (confidence level: 100%)
file185.106.179.79
ValleyRAT botnet C2 server (confidence level: 100%)
file185.106.179.79
ValleyRAT botnet C2 server (confidence level: 75%)
file185.106.179.79
ValleyRAT botnet C2 server (confidence level: 75%)
file98.85.71.175
Unknown malware botnet C2 server (confidence level: 100%)
file35.159.20.100
Unknown malware botnet C2 server (confidence level: 100%)
file54.197.86.42
Unknown malware botnet C2 server (confidence level: 100%)
file3.122.45.135
Unknown malware botnet C2 server (confidence level: 100%)

Hash

ValueDescriptionCopy
hash3778
Mirai botnet C2 server (confidence level: 80%)
hash80
GCleaner botnet C2 server (confidence level: 100%)
hash80
Sliver botnet C2 server (confidence level: 100%)
hash80
Unknown malware botnet C2 server (confidence level: 100%)
hash10259
Meterpreter botnet C2 server (confidence level: 100%)
hash80
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash62026
PureLogs Stealer botnet C2 server (confidence level: 100%)
hash3ff111f0659a076e47cd0caf48013e068459efd8
StrelaStealer payload (confidence level: 95%)
hash6dfc959713cb5ff03a439ff2df42bb4868a3f3b00fd6aca29be21ad7ebf1afb7
StrelaStealer payload (confidence level: 95%)
hash455743653d28556edc1da0874425dc4b
StrelaStealer payload (confidence level: 95%)
hashcd61a4a9a5a7519128633ac27f44849dbbc15413
Stealc payload (confidence level: 95%)
hash22d77061cbccb048adf52021775abc6a1af7eca93638b6043ad6f560b5e4d423
Stealc payload (confidence level: 95%)
hash6a9c08da41d7f15291ad6dacc5b7a5c5
Stealc payload (confidence level: 95%)
hash30aa9a92e8be58fdbf3b077d3fd3a6c8cbe890a0
Amadey payload (confidence level: 95%)
hash1475a3bb4ec2d699b19fcc965c7a133dd253fa1e7aa1aed1eb85604315f34882
Amadey payload (confidence level: 95%)
hash735af08a6a65e4efc3f6d2c70427c0e5
Amadey payload (confidence level: 95%)
hash67bc6769efe16f31c310c17c954d4b1987263acb
Stealc payload (confidence level: 95%)
hash8a3553c5000a72016304a37d8e403236339db1468fc1e0072bcdc9d7a7849430
Stealc payload (confidence level: 95%)
hashfecd2d69bf422d501ed22005047d4046
Stealc payload (confidence level: 95%)
hashb8a298c1d3422089afbe4295708013b6744acbb9
AsyncRAT payload (confidence level: 95%)
hash7798165f2a3542ed381179e299c7b909af9c7cfd4d7c272ef30e5ddf62ecc867
AsyncRAT payload (confidence level: 95%)
hash2bd7774fa9ad56924d2aa0497e9ce05d
AsyncRAT payload (confidence level: 95%)
hash834e69f7cabebcdcb327e80e2d67e5c1bf0ac243
RedEnergy Stealer payload (confidence level: 95%)
hashb65e358f50489d16259f50dc37d3f997990b699980798aa5430877603717ec5d
RedEnergy Stealer payload (confidence level: 95%)
hash0017be2c052f09f5ed154aa0fb31ef6c
RedEnergy Stealer payload (confidence level: 95%)
hash035e0cf9f10df045b4bc0d4aad5d60df3abc1592
Owlproxy payload (confidence level: 95%)
hash27c0ef1769c0dec264d62c1fe045295df2ab7db3ee7eddcef84b3b647d55130e
Owlproxy payload (confidence level: 95%)
hashcc767ca97c495638ac7b57e2e0634e36
Owlproxy payload (confidence level: 95%)
hash3f386816d6ec1f5dc696c12c60ddddc9e9471672
Quasar RAT payload (confidence level: 95%)
hash1dca871a9485fc5e894cdf39e563a36d015823bf4f28bb558ca18dbe7cfec959
Quasar RAT payload (confidence level: 95%)
hash073f385aefeec02d4797df68d5d16f99
Quasar RAT payload (confidence level: 95%)
hashd5cf2558d6e0ebf34b19fab430a2c4b98d1d922d
RedLine Stealer payload (confidence level: 95%)
hash90223a0bf3a14fc840cc51baeced06fd17a7853a52537ab84fbeab4d050e5b90
RedLine Stealer payload (confidence level: 95%)
hashd17a39209828a2033375cd59759b8f64
RedLine Stealer payload (confidence level: 95%)
hashaf221e6609bb544787a5baca96f1a7faa620ef5e
DCRat payload (confidence level: 95%)
hash54193af95cf82cdbcc2b331bfd7112915a54bfd872b4fce2e148777fff41a995
DCRat payload (confidence level: 95%)
hash9d18ee23e1c0f2575d1638502d753aec
DCRat payload (confidence level: 95%)
hash51dc56f5c78ccac565abf297ebbec24e27b97c3e
Kelihos payload (confidence level: 95%)
hash043411ec48a610695668589c877e96b333b1a7b2ba07304ab0776339edf61cc1
Kelihos payload (confidence level: 95%)
hash5dc395bdeed0ac727586defc61a6b8d2
Kelihos payload (confidence level: 95%)
hash0515c4bb4dad5f7713f4ac53dd63e20e85e550e3
Socks5 Systemz payload (confidence level: 95%)
hashc6f803c1468193c54a22608ac6ff545fcead6788e95d759fd30525eae9b6f67e
Socks5 Systemz payload (confidence level: 95%)
hash731d00f84d4a27e71709941b8f77fe6e
Socks5 Systemz payload (confidence level: 95%)
hash66640606d40b0409b63ee0d4b7533e31b0c17a08
SalatStealer payload (confidence level: 95%)
hash3259083a3d9a3b1bb0cc9bbe388537f6fa558329c10984ca296da0eb8e5cf634
SalatStealer payload (confidence level: 95%)
hash55209f0c96c3759909f7c5992c9949f8
SalatStealer payload (confidence level: 95%)
hashfc4dcc91a5593d9482c9959f44eb6bd2448901d0
Ghost RAT payload (confidence level: 95%)
hash8507309e3f00c1258d632b4de937dd9540751e56e6276d7226dd6c916456a763
Ghost RAT payload (confidence level: 95%)
hash3487509b16cb20e049103683452758da
Ghost RAT payload (confidence level: 95%)
hash73d6ec213c7496cf609a6346fd450d7770625308
ValleyRAT payload (confidence level: 95%)
hash5ee01a7ec5257373175090e2bc23fae980ac996325ffa4bffc5bd53164c21d49
ValleyRAT payload (confidence level: 95%)
hashc020897e864c09809dc03ec392a63f34
ValleyRAT payload (confidence level: 95%)
hash289c072ae8060b40ce8be5287d41ce1ea6294e8a
DarkTortilla payload (confidence level: 95%)
hashaf45e7ab9d8c10b174c3ae27c54f39e69311c1716be6af42cc50eaaf96e29710
DarkTortilla payload (confidence level: 95%)
hash7c18eee37de273104221f90d4f0ce836
DarkTortilla payload (confidence level: 95%)
hashee07090dd47d36597b74629712c939f4a085199f
Socks5 Systemz payload (confidence level: 95%)
hashe8d499ad4ca9316f31db2dbd2253cc956a4f77f7e37b8713ea6268681d5ea060
Socks5 Systemz payload (confidence level: 95%)
hash32e759af27903aa2e45f078ac41d201b
Socks5 Systemz payload (confidence level: 95%)
hash3970186bd1c9bdbfae46cde28f52574f6e9fe200
DarkVision RAT payload (confidence level: 95%)
hash70aacb6ae4c62d3913af232c5f67f17f532c8379adfa0d1ab0185620fb62627f
DarkVision RAT payload (confidence level: 95%)
hash2d76c960ac7c7af2bc4a50af7da4b0ba
DarkVision RAT payload (confidence level: 95%)
hasha4eb9a1ddabfbc1fe025f91b9aa1ff998f51f250
SalatStealer payload (confidence level: 95%)
hash18c871a4c22e7b1beb5179784418121d92504f952fd5b37fd527d7bb615e32a5
SalatStealer payload (confidence level: 95%)
hash16c781156fb68ccf801f1cf15ddabfb8
SalatStealer payload (confidence level: 95%)
hash3a50d9cb563e42dd26f202bb88f64d42f093d735
SalatStealer payload (confidence level: 95%)
hash4ec6916ca3d4f328e21a32cdbaea12c713abeb472544e24226b3260c784775cd
SalatStealer payload (confidence level: 95%)
hash67e40f1bc0ce227d400f9ccb10d78def
SalatStealer payload (confidence level: 95%)
hashc696b3a04c31ab28441e50cc7b4b95cdcf47a053
SalatStealer payload (confidence level: 95%)
hash7c3f488c63c3d29166dcc56d1d6a1fad304933b6c463c660e010cb3825046335
SalatStealer payload (confidence level: 95%)
hash9db3ccab1fb84d5a92c761462fa2ffb0
SalatStealer payload (confidence level: 95%)
hashfc92ec4a9c0ac504b56994d1aaaa9f2c10d7f124
SalatStealer payload (confidence level: 95%)
hash466eaaa3dfa085451b1ddf7455914d2235ffefb763f85afaa630fa7c6d309578
SalatStealer payload (confidence level: 95%)
hashdbfeea0b6ec18dd542e41ea1da439c8f
SalatStealer payload (confidence level: 95%)
hashd8563460bd03d6a0213a23f98f1d5100323d3246
SalatStealer payload (confidence level: 95%)
hash7da382f87aeccf21dd8c656174fdcb66813c6c79305beebffad863eb2159c9b5
SalatStealer payload (confidence level: 95%)
hash9050fe36280d3fd80e183403d419b8f1
SalatStealer payload (confidence level: 95%)
hashe8573f3356b9a39126e26731cd278eef6a4f4d79
SalatStealer payload (confidence level: 95%)
hash74dafa33b566bce5c47eddf84e43718444f6ac55c96941da1824a05c799d5911
SalatStealer payload (confidence level: 95%)
hashca6e3441c33e306038adfa627112f901
SalatStealer payload (confidence level: 95%)
hash4567834aea8921cacd16e488d3aeae66494bb085
SalatStealer payload (confidence level: 95%)
hashedb2e646f7d889b6d979f2d5d53c075d2f454860777a91c6619125f95ee7e88f
SalatStealer payload (confidence level: 95%)
hash2ba2409b7771a25f8723b16f8644e7ce
SalatStealer payload (confidence level: 95%)
hash14c77f8c63d5ebeadfde160643395ed973fca2c1
ValleyRAT payload (confidence level: 95%)
hashca04e090471a92350a6b6a3636b7a850036408b989cebf2ff314ee564c0c2419
ValleyRAT payload (confidence level: 95%)
hashbee5b0ea86a61182fabf0970c5aa5678
ValleyRAT payload (confidence level: 95%)
hash46854a3850065a048e9d3306e27ccb3f2a0928ae
AsyncRAT payload (confidence level: 95%)
hash62b0f6a41b6027c2b82ae449bfef9d8a6f682d77d47f1ee019e701e9d494ec65
AsyncRAT payload (confidence level: 95%)
hash692a5ab1c371887aaed5986cff42b3cf
AsyncRAT payload (confidence level: 95%)
hash50d36c3f221f197c2dfbd5c05192f3156b1c4bd9
Vidar payload (confidence level: 95%)
hash098e0f982f6e766e1f9603075e7b91addf6cd5839ff3bbebae8ec280d2cb2421
Vidar payload (confidence level: 95%)
hashff643f984bb67a9933bb43532dee0e63
Vidar payload (confidence level: 95%)
hashe48589cacf866a2e216878dd8b1f8f0ebdf3df59
Vidar payload (confidence level: 95%)
hashffa35e8c18950c68e2888a96c7138493c213c52747a45c5914f468a5ea0acdcc
Vidar payload (confidence level: 95%)
hash97a31c5bf745c361fde0636b112d3989
Vidar payload (confidence level: 95%)
hash44393833432ea503f299f3aeac729c9b38f24385
Vidar payload (confidence level: 95%)
hash7fc31b4326e89cb3ed0857f5090d221d7781a8124e230f43dbb0f3aec39fb9c9
Vidar payload (confidence level: 95%)
hash304d1b953233ff6e0c9781b54bc84c73
Vidar payload (confidence level: 95%)
hash35e447f6e2781d99e44f363b46ae737637025eea
SalatStealer payload (confidence level: 95%)
hash56010b13ba196204c5a46c63ae4a6e2f2c0b0c9c80ce0621f1724d75acdce4b8
SalatStealer payload (confidence level: 95%)
hashf6fe6de5f6e19e2f72189673994fb5ff
SalatStealer payload (confidence level: 95%)
hashf7b3b5e7677ee6aad54e882de91e8f958a1d10d0
Vidar payload (confidence level: 95%)
hash4ed8567ea2048af98c1a36219e521df92a9fbba4e1229a3a7d850bd5b6682bbb
Vidar payload (confidence level: 95%)
hasheb6626a87c86e55ead5ce1dc2db24581
Vidar payload (confidence level: 95%)
hash86ca3d529219f977c2a17a92bb6ac19e39ee560f
Vidar payload (confidence level: 95%)
hash20bdd8cd7493353efe6e8c94782b0315b68de4d7846ee4ec96cfc4706b4ef1ad
Vidar payload (confidence level: 95%)
hash6ead4cb080efd3834e02c14b9714f57c
Vidar payload (confidence level: 95%)
hashb7370523ba6f4d883c2e801eac14d091adfd3bc8
GCleaner payload (confidence level: 95%)
hashaa9609826b6fe268a2b6349d64f226af94ff4ea1ce5ba68e14a9aea7ab47127b
GCleaner payload (confidence level: 95%)
hash7f8eb6e0752796a4b8cca9fcfeec0efc
GCleaner payload (confidence level: 95%)
hashc2b38815336d73e238491a2f544db5b8c635f32a
SalatStealer payload (confidence level: 95%)
hashe8607f27adcc7f2d53de718c9989a34e51adabef9a03725c9b90dd5fadd72228
SalatStealer payload (confidence level: 95%)
hashf8c68b6ae6daa9db37f1e5c16da98c4d
SalatStealer payload (confidence level: 95%)
hash3ee532743aa7ef8dacc58ef5dd2af517fffc82ed
Quasar RAT payload (confidence level: 95%)
hash0d9949646843d57838274a8dc7c102dcddee46c5d829652f742acc8602e930eb
Quasar RAT payload (confidence level: 95%)
hash0f99c1e6d3335933698ac340629ad3c1
Quasar RAT payload (confidence level: 95%)
hash884da5bbf889682bc548d8b4f8fe4dc8a286a144
PureCrypter payload (confidence level: 95%)
hash3d6a09a7027f92acd9cd132f7550835fe17a0c58e8f161ac114cb39b0aa10e3a
PureCrypter payload (confidence level: 95%)
hash74d5e74dd919be1a3a378a9d8311b6cb
PureCrypter payload (confidence level: 95%)
hashe46e77f77f0dc6acfebe6753b1d56442dde818ee
Vidar payload (confidence level: 95%)
hashc3cf0bd8fa3d3f27853901744158b70223382d9b5f5c1d4578f3f4316743db81
Vidar payload (confidence level: 95%)
hashf72b7f2598fa51d05bc460027607bc9a
Vidar payload (confidence level: 95%)
hash8cb2a9b5ee5ee3e09e4e9058bb1de1b1a2dbc5b7
AsyncRAT payload (confidence level: 95%)
hash02b93705ddbc4c6c5b293cd48623ef3289bcc5815706a6d693665176918dfe1b
AsyncRAT payload (confidence level: 95%)
hash348bd812c6ddb53774cc41259d39dbcd
AsyncRAT payload (confidence level: 95%)
hash42cf462e3afe961f301f44cb4d03a51002cff5a4
AsyncRAT payload (confidence level: 95%)
hash95c9eba0b53e4e0e34741871e350bdd1e9f8ff54f72c63004c8854df6955ffd7
AsyncRAT payload (confidence level: 95%)
hashaf3774fac7386bf4ce7cca8720c7f882
AsyncRAT payload (confidence level: 95%)
hash13001e22bdf8b0736bfe656dd9bdd00668a1047f
NirCmd payload (confidence level: 95%)
hash88290313eb4c0239d427acc7adb59b9a36bd3cd545a92e152362b15b4c681b00
NirCmd payload (confidence level: 95%)
hash3e10f07802f1a74280b96328bb6e9c34
NirCmd payload (confidence level: 95%)
hash202a62c28bc091217d3fa3aac3cb7ad49aae61ec
ValleyRAT payload (confidence level: 95%)
hash4977999a446adb8831780c2f3aaa46dad084da7969e494ce34085a0832bed2a3
ValleyRAT payload (confidence level: 95%)
hash3db46e81663e87cbd787feab5fa06800
ValleyRAT payload (confidence level: 95%)
hashe6a8b688209ec561414803c815deaec11e73e0ec
Masad Stealer payload (confidence level: 95%)
hashe512af88abd3b507426747ba75491f0c0f6798a4e6c717d44cee3de450d09b19
Masad Stealer payload (confidence level: 95%)
hash553d1305eee8e5904f83d8d7cd1865de
Masad Stealer payload (confidence level: 95%)
hashf9330b793b52129e88f9d7ef6f7be4080c8c152e
X-Files Stealer payload (confidence level: 95%)
hash479acf6c5367318dd4c1285cd7c910d54e16372f92caacbe9bbbb72321dd7389
X-Files Stealer payload (confidence level: 95%)
hash25daa47bdd6e95d0820a36b2d88670e8
X-Files Stealer payload (confidence level: 95%)
hash0d3a51ed910e1fe24a004a1ac49d07e40b0ccc72
X-Files Stealer payload (confidence level: 95%)
hash861b9bce50d31ce29abbd3e3923d78631a94bebad7df408976aeb51296f25627
X-Files Stealer payload (confidence level: 95%)
hash927c17e35c7c1262b5cdb077a7888eab
X-Files Stealer payload (confidence level: 95%)
hashf49f551c2480d432d747f9621c780005576b7c86
X-Files Stealer payload (confidence level: 95%)
hash2e481b9e4d30d776715abb6393dcd55ac99a808d9b929f909a8c5d07deb87ce9
X-Files Stealer payload (confidence level: 95%)
hashf78242d89cc15c378beb340f9e005a04
X-Files Stealer payload (confidence level: 95%)
hash97001c69ad2edbcec2925258fe6c81556c7f959a
X-Files Stealer payload (confidence level: 95%)
hash72122ae93cedfb91e46dda053604b88bc9013600a46f7857053ddd8a20821310
X-Files Stealer payload (confidence level: 95%)
hash3c0848b32a51c3d1e13a8f61fb8ee8e6
X-Files Stealer payload (confidence level: 95%)
hashc00390579f9b00a361d26fa62be1d9840135f311
X-Files Stealer payload (confidence level: 95%)
hash30d934db3cf20b600d94a87b61625654c6de0ab5a6a23c92495402fdbb51862e
X-Files Stealer payload (confidence level: 95%)
hashda3da3a3772e334d379c87c0e702f830
X-Files Stealer payload (confidence level: 95%)
hashaa507f73eff415acb2bb7e04fd84e69396657b7c
X-Files Stealer payload (confidence level: 95%)
hashec5df8e292717758febd62be53bbc1ce7d54709f2efa604741a4d9ba39eea412
X-Files Stealer payload (confidence level: 95%)
hash661ca62ab5ad203bf3db1b412de7898c
X-Files Stealer payload (confidence level: 95%)
hash52795a3f0f0eff71d5c5b95e3d1a8c9f1d198cd0
X-Files Stealer payload (confidence level: 95%)
hash6382c42064d364bc19462f8c277d82c03b8eda1b31509c834f0411c8cf7f4455
X-Files Stealer payload (confidence level: 95%)
hashe54cef890e7d38b80a73e60bb19666fd
X-Files Stealer payload (confidence level: 95%)
hash0708d70e7850488ba07da41d3740ed910beefac2
X-Files Stealer payload (confidence level: 95%)
hashd135c2482bc384d3878863d3e87b0e0f078910fa6ce17a93db0e0f899366a5b2
X-Files Stealer payload (confidence level: 95%)
hash486cd180da8c3c057849bafdc4a3fb1c
X-Files Stealer payload (confidence level: 95%)
hash8b70c4edb491e83c79929eb344ad4282db9a07e4
X-Files Stealer payload (confidence level: 95%)
hash6715d8d5f2985ebafd0257ba2e06d757b8f0d65b76314617ea6de9e52cc4be7f
X-Files Stealer payload (confidence level: 95%)
hash2fd57ae6a4f3bf6f246eac323514ee01
X-Files Stealer payload (confidence level: 95%)
hasha7c2f31b41544c2035381cc0a3dfc3fe097426b5
X-Files Stealer payload (confidence level: 95%)
hash7f203543c642de5fdc6d9582068c5ba272309017fa4b6911e523365894284fe5
X-Files Stealer payload (confidence level: 95%)
hash8fbedfe9b2ad7d270af105b41e4cf5d1
X-Files Stealer payload (confidence level: 95%)
hash3ab1e445fa193a460a2a79cd3694266b11b19c79
Socks5 Systemz payload (confidence level: 95%)
hash8bdd4ed8a2d2745f44f7d1950630926d5c5c52a081f0e2b20a94682463f3611c
Socks5 Systemz payload (confidence level: 95%)
hashdaf6d3a5d5e4ebc814f9ba3013d39a94
Socks5 Systemz payload (confidence level: 95%)
hasha65671f28d52ea1730e671316a29b233f0fb0397
Coinminer payload (confidence level: 95%)
hashf0eff94e8ed95c8ccb19decb14f7edcf036830502745ec47fd64152e8b6e42b9
Coinminer payload (confidence level: 95%)
hash9ec6bc11dee711237f01c0124f9ca00c
Coinminer payload (confidence level: 95%)
hashf5da096e2ae6079c4670ddd6566244618056a22e
NightSky payload (confidence level: 95%)
hashc5f526cc62688cf34c49d098dab81e24e4294f832ada57433ef505d5ac6da8f3
NightSky payload (confidence level: 95%)
hash94dd3315fca4c31ef61b7865c3b8983f
NightSky payload (confidence level: 95%)
hashf778f6f9c5abb625b0083457a8d7b094464bec5b
NightSky payload (confidence level: 95%)
hash2c3f8889c9f5d765632ad91b4cc2a852c54845e143dbd2b68359b6f9cdfd8f99
NightSky payload (confidence level: 95%)
hashd0a8b47c099440abaec8abfd7c12ac93
NightSky payload (confidence level: 95%)
hash108624fdc1e52f38738db0c87389621336e45434
Amadey payload (confidence level: 95%)
hashd44cf4f3954be46e830fb90868e7f741aad5c4681efd79a26462d936d661d2dd
Amadey payload (confidence level: 95%)
hash1f74371acabdf0a6a83ec3884723d6cb
Amadey payload (confidence level: 95%)
hashf0336d1dad9615f3227bf7750d1cdfd3efa10008
GRAPELOADER payload (confidence level: 95%)
hash12bba7161d07efcb1b14d30054901ac9ffe5202972437b0c47c88d71e45c7176
GRAPELOADER payload (confidence level: 95%)
hashe760729dcee518659d9510ae1705db51
GRAPELOADER payload (confidence level: 95%)
hash4ab64fa677a9fb7bc15573ca2820c9c99a6bda83
AsyncRAT payload (confidence level: 95%)
hashb8520187ed07a5cb95074111acd6179523fb97aedcd0b156432f7691fcbfebed
AsyncRAT payload (confidence level: 95%)
hasha8c72a84691fe09d5b3d2f6ca8722ea5
AsyncRAT payload (confidence level: 95%)
hash9540
Cobalt Strike botnet C2 server (confidence level: 100%)
hash8888
Unknown malware botnet C2 server (confidence level: 100%)
hash1000
AsyncRAT botnet C2 server (confidence level: 100%)
hash8080
Havoc botnet C2 server (confidence level: 100%)
hash443
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash443
PoshC2 botnet C2 server (confidence level: 100%)
hash4444
Meterpreter botnet C2 server (confidence level: 100%)
hash5553
NjRAT botnet C2 server (confidence level: 100%)
hash56001
Unknown malware botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash1337
Bashlite botnet C2 server (confidence level: 100%)
hash5061
Remcos botnet C2 server (confidence level: 100%)
hash2404
Remcos botnet C2 server (confidence level: 100%)
hash8888
Unknown malware botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash1339
AsyncRAT botnet C2 server (confidence level: 100%)
hash5901
Venom RAT botnet C2 server (confidence level: 100%)
hash443
NetSupportManager RAT botnet C2 server (confidence level: 100%)
hash44818
Meterpreter botnet C2 server (confidence level: 100%)
hash51668
Meterpreter botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Sliver botnet C2 server (confidence level: 75%)
hash4000
DeimosC2 botnet C2 server (confidence level: 75%)
hash62134
DeimosC2 botnet C2 server (confidence level: 75%)
hash443
BianLian botnet C2 server (confidence level: 75%)
hash2285
PureLogs Stealer botnet C2 server (confidence level: 100%)
hash3421
Remcos botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash9999
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash33331
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash80
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash443
QakBot botnet C2 server (confidence level: 100%)
hash6767
XWorm botnet C2 server (confidence level: 100%)
hash5050
XWorm botnet C2 server (confidence level: 100%)
hash8082
Remcos botnet C2 server (confidence level: 100%)
hash31337
Sliver botnet C2 server (confidence level: 100%)
hash9000
SectopRAT botnet C2 server (confidence level: 100%)
hash1024
Unknown malware botnet C2 server (confidence level: 100%)
hash46537
Meterpreter botnet C2 server (confidence level: 100%)
hash1337
Empire Downloader botnet C2 server (confidence level: 100%)
hash4782
Quasar RAT botnet C2 server (confidence level: 100%)
hash4433
ValleyRAT botnet C2 server (confidence level: 100%)
hash7720
PureLogs Stealer botnet C2 server (confidence level: 100%)
hash8443
Unknown malware botnet C2 server (confidence level: 100%)
hash2405
Remcos botnet C2 server (confidence level: 100%)
hash8888
Unknown malware botnet C2 server (confidence level: 100%)
hash8808
AsyncRAT botnet C2 server (confidence level: 100%)
hash10000
GhostSocks botnet C2 server (confidence level: 100%)
hash8089
Quasar RAT botnet C2 server (confidence level: 100%)
hash2222
Meterpreter botnet C2 server (confidence level: 100%)
hash88
Cobalt Strike botnet C2 server (confidence level: 75%)
hash10250
DeimosC2 botnet C2 server (confidence level: 75%)
hash2404
Remcos botnet C2 server (confidence level: 75%)
hash37775
Sliver botnet C2 server (confidence level: 75%)
hash80
Cobalt Strike botnet C2 server (confidence level: 100%)
hash443
Sliver botnet C2 server (confidence level: 100%)
hash443
AsyncRAT botnet C2 server (confidence level: 100%)
hash1080
Quasar RAT botnet C2 server (confidence level: 100%)
hash443
Havoc botnet C2 server (confidence level: 100%)
hash8443
AdaptixC2 botnet C2 server (confidence level: 100%)
hash5530
Meterpreter botnet C2 server (confidence level: 100%)
hash8080
Meterpreter botnet C2 server (confidence level: 100%)
hash6666
ValleyRAT botnet C2 server (confidence level: 100%)
hash80
ValleyRAT botnet C2 server (confidence level: 75%)
hash8888
ValleyRAT botnet C2 server (confidence level: 75%)
hash8443
Unknown malware botnet C2 server (confidence level: 100%)
hash3333
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)
hash443
Unknown malware botnet C2 server (confidence level: 100%)

URL

Value | Description
https://18.217.34.53/ | Unknown malware payload delivery URL (confidence level: 90%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/ged13/bb80 | ClearFake payload delivery URL (confidence level: 100%)
https://185.125.91.3/ | Unknown malware payload delivery URL (confidence level: 90%)
http://144.31.166.169/22f497205c838ab3.php | Stealc botnet C2 (confidence level: 100%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/ged13/nm7 | ClearFake payload delivery URL (confidence level: 100%)
https://insomnia.top/api/upload_fast.php | Unknown malware botnet C2 (confidence level: 100%)
https://insomnia.top/api/c2_commands.php | Unknown malware botnet C2 (confidence level: 100%)
https://insomnia.top/api/c2_register.php | Unknown malware botnet C2 (confidence level: 100%)
http://zx.pe/bp.php | SpyBot botnet C2 (confidence level: 100%)
https://solidolbabrering.shop | Stealc botnet C2 (confidence level: 100%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/ged13/rtt9 | ClearFake payload delivery URL (confidence level: 100%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/gog2026/see4 | ClearFake payload delivery URL (confidence level: 100%)
http://196.251.107.130/cfedbcab777558b8.php | Stealc botnet C2 (confidence level: 100%)
http://192.168.174.130:80/kw5f | Cobalt Strike botnet C2 (confidence level: 75%)
http://62.60.131.230/login | Odyssey Stealer botnet C2 (confidence level: 100%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/gog2026/bb24 | ClearFake payload delivery URL (confidence level: 100%)
http://196.251.107.130/zbuyowgn/data.php | SVCStealer botnet C2 (confidence level: 75%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/html5/at | ClearFake payload delivery URL (confidence level: 100%)
http://158.94.210.74 | Stealc botnet C2 (confidence level: 75%)
http://158.94.210.74/4d4b240c75954580.php | Stealc botnet C2 (confidence level: 100%)
http://astrologickeconoablos.cc:8080/updater?for=07ae43ec57b400b48380a0eb83234bf7 | Unknown malware botnet C2 (confidence level: 100%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/html5/ui | ClearFake payload delivery URL (confidence level: 100%)
https://cdn.jsdelivr.net/gh/relight-73-unsigned/coolray/mti98 | ClearFake payload delivery URL (confidence level: 100%)

Domain

Value | Description
8l0nigjfnjuq3vnystisyg== | XWorm botnet C2 domain (confidence level: 75%)
downloads.beaconvistamedical.com | Cobalt Strike botnet C2 domain (confidence level: 100%)
7z38l1pp.moduplaza.digital | ClearFake payload delivery domain (confidence level: 100%)
ne4w2nbw.moduplaza.digital | ClearFake payload delivery domain (confidence level: 100%)
www.scholze.family | Havoc botnet C2 domain (confidence level: 100%)
789club.za.com | AsyncRAT botnet C2 domain (confidence level: 75%)
bajaban.sa.com | AsyncRAT botnet C2 domain (confidence level: 75%)
kubetchuan.com | AsyncRAT botnet C2 domain (confidence level: 75%)
vb0.za.com | AsyncRAT botnet C2 domain (confidence level: 75%)
artabnewszamanpaper47.ru.com | AsyncRAT botnet C2 domain (confidence level: 75%)
bxr.uk.com | AsyncRAT botnet C2 domain (confidence level: 75%)
lmn.uk.com | AsyncRAT botnet C2 domain (confidence level: 75%)
uydeg.ru.com | AsyncRAT botnet C2 domain (confidence level: 75%)
policy-russia.gl.at.ply.gg | XWorm botnet C2 domain (confidence level: 100%)
people-joyce.gl.at.ply.gg | XWorm botnet C2 domain (confidence level: 100%)
adobe-cdn.duckdns.org | XWorm botnet C2 domain (confidence level: 100%)
defender.ydns.eu | NjRAT botnet C2 domain (confidence level: 100%)
insomnia.top | Unknown malware botnet C2 domain (confidence level: 100%)
kycdn.azure-css.com | Cobalt Strike botnet C2 domain (confidence level: 75%)
yoenacevedo7-41744.portmap.host | XWorm botnet C2 domain (confidence level: 100%)
kaidealdoland-44457.portmap.host | Quasar RAT botnet C2 domain (confidence level: 100%)
ydszge1688.com | ValleyRAT botnet C2 domain (confidence level: 100%)
hitler963.ddns.net | Unknown RAT botnet C2 domain (confidence level: 100%)
solidolbabrering.shop | Stealc botnet C2 domain (confidence level: 100%)
nfs.azure-css.com | Cobalt Strike botnet C2 domain (confidence level: 75%)
anonykous-54240.portmap.host | XWorm botnet C2 domain (confidence level: 100%)
8nu7ypxl.cornflake-ream.digital | ClearFake payload delivery domain (confidence level: 100%)
mq0oy98l.cornflake-ream.digital | ClearFake payload delivery domain (confidence level: 100%)

Threat ID: 697febc9ac063202225bd9a5

Added to database: 2/2/2026, 12:11:53 AM

Last enriched: 2/2/2026, 12:12:09 AM

Last updated: 2/6/2026, 9:21:09 PM
