Dedicated IOC database focused on threat actors infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.
Read our statement| First seen | IOC | Malware | Country | Tags |
|---|---|---|---|---|
| 2025-01-21 20:47:38 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-21 19:47:48 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-21 18:48:21 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-21 17:49:21 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-21 16:47:33 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-17 12:47:50 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-17 12:02:45 UTC | 45.135.232.38:35550 | DCRat | RU | c2 censys RAT AS198953 dcrat PROTON66 |
| 2025-01-17 11:48:32 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-17 10:47:25 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-17 10:32:15 UTC | 94.124.192.220:4443 | XWorm | RU | c2 XWorm AS31261 GARS-AS |