Dedicated IOC database focused on threat actors infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.
Read our statement| First seen | IOC | Malware | Country | Tags |
|---|---|---|---|---|
| 2025-01-17 10:32:15 UTC | 91.217.77.77:7000 | XWorm | RU | c2 AS50113 SUPERSERVERSDATACENTER XWorm |
| 2025-01-17 09:47:45 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-17 09:15:53 UTC | 62.76.251.43:443 | Eye Pyramid | RU | drb-ra EyePyramid |
| 2025-01-17 09:13:57 UTC | 147.45.147.76:443 | Eye Pyramid | RU | drb-ra EyePyramid |
| 2025-01-17 08:03:29 UTC | 193.143.1.72:9090 | AsyncRAT | RU | c2 censys RAT AS198953 PROTON66 asyncrat |
| 2025-01-17 06:08:52 UTC | 149.154.68.20:31337 | Sliver | RU | c2 shodan sliver |
| 2025-01-17 00:03:33 UTC | 193.143.1.72:8808 | AsyncRAT | RU | c2 censys RAT AS198953 PROTON66 asyncrat |
| 2025-01-17 00:03:32 UTC | 193.143.1.72:443 | AsyncRAT | RU | c2 censys RAT AS198953 PROTON66 asyncrat |
| 2025-01-16 20:04:21 UTC | 80.64.30.95:443 | Matanbuchus | RU | |
| 2025-01-16 16:05:28 UTC | 185.130.249.27:6161 | Remcos | RU | remcos |