
ThreatFox IOCs for 2026-06-27

0
Medium
Published: 06/27/2026 (06/27/2026, 00:00:00 UTC)
Source: ThreatFox MISP Feed

Description

ThreatFox IOCs for 2026-06-27

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 06/28/2026, 00:21:14 UTC

Technical Analysis

The provided data describes a malware-related threat intelligence report from ThreatFox dated June 27, 2026. It includes general categorization as OSINT, network activity, and payload delivery but does not specify any affected software versions, detailed indicators, or exploitation techniques. No patches or fixes are available, and no known active exploits have been reported. The threat level metadata indicates moderate concern with limited analysis and distribution information.

Potential Impact

The impact is currently unclear due to the absence of detailed technical indicators or affected software. The threat is classified as medium severity, suggesting potential risk but no confirmed widespread exploitation or critical damage reported at this time.

Mitigation Recommendations

No patches or official remediation measures are available for this threat. Since no specific affected software or vulnerabilities are identified, no targeted mitigation steps can be recommended. Security teams should monitor for updates and apply general best practices for malware detection and network monitoring as appropriate.


Technical Details

Threat Level: 2
Analysis: 1
Distribution: 3
UUID: 9fffdf41-0834-4b2c-bd00-781c89c2e123
Original Timestamp: 1782604987

Indicators of Compromise

File


Hash


Domain


Url


Threat ID: 6a4068f627e9c79719b7dff1

Added to database: 06/28/2026, 00:21:10 UTC

Last enriched: 06/28/2026, 00:21:14 UTC

Last updated: 06/28/2026, 03:21:10 UTC
