Dedicated IOC database focused on threat actors infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.
Read our statement| First seen | IOC | Malware | Country | Tags |
|---|---|---|---|---|
| 2025-01-10 13:53:59 UTC | 5.252.176.78:443 | Sliver | RU | sliver drb-ra |
| 2025-01-10 13:53:53 UTC | 5.101.5.196:9999 | Havoc | RU | drb-ra Havoc |
| 2025-01-10 13:53:52 UTC | 5.101.4.196:9999 | Havoc | RU | drb-ra Havoc |
| 2025-01-10 13:53:07 UTC | 45.141.86.39:446 | Sliver | RU | sliver drb-ra |
| 2025-01-10 13:50:43 UTC | 194.87.68.191:8443 | Sliver | RU | sliver drb-ra |
| 2025-01-10 13:50:42 UTC | 194.87.196.126:56789 | Sliver | RU | sliver drb-ra |
| 2025-01-10 13:50:42 UTC | 194.87.196.126:443 | Sliver | RU | sliver drb-ra |
| 2025-01-10 13:00:09 UTC | 176.53.147.97:443 | FAKEUPDATES | RU | SocGholish |
| 2025-01-10 10:22:33 UTC | 193.143.1.205:8888 | StrelaStealer | RU | StrelaStealer |
| 2025-01-10 08:19:28 UTC | 94.242.61.116:8666 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |