Dedicated IOC database focused on threat actor infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.

First seen | IOC | Malware | Country | Tags |
---|---|---|---|---|
2025-01-13 12:03:16 UTC | 94.159.113.43:443 | Matanbuchus | RU | c2 censys matanbuchus AS216234 SERVER-21-AS |
2025-01-13 08:02:03 UTC | 94.232.40.32:443 | Latrodectus | RU | Latrodectus |
2025-01-12 08:09:51 UTC | 77.73.68.51:5000 | Unknown malware | RU | c2 censys AS43317 botnet byob VEESP-AS |
2025-01-12 08:09:52 UTC | 77.73.68.51:443 | Unknown malware | RU | c2 censys AS43317 botnet byob VEESP-AS |
2025-01-11 08:53:36 UTC | 80.76.42.226:33771 | Havoc | RU | drb-ra Havoc |
2025-01-10 20:53:35 UTC | 193.143.1.46:7070 | Mirai | RU | gorilla GorillaBotnet Mirai |
2025-01-10 20:48:30 UTC | 185.209.28.14:443 | DeimosC2 | RU | drb-ra Deimos |
2025-01-10 20:44:11 UTC | 109.196.98.204:443 | DeimosC2 | RU | drb-ra Deimos |
2025-01-10 16:02:20 UTC | 80.87.199.167:8001 | Cobalt Strike | RU | c2 CobaltStrike cs-watermark-987654321 censys AS29182 RU-JSCIOT |
2025-01-10 14:59:35 UTC | 37.143.15.49:31337 | Sliver | RU | c2 shodan sliver |