Dedicated IOC database focused on threat actors infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.
Read our statement| First seen | IOC | Malware | Country | Tags |
|---|---|---|---|---|
| 2025-01-10 08:19:27 UTC | 94.242.61.116:8555 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |
| 2025-01-10 08:19:27 UTC | 94.242.61.116:8444 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |
| 2025-01-10 08:19:27 UTC | 94.242.61.116:8443 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |
| 2025-01-10 08:19:26 UTC | 94.242.61.116:4430 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |
| 2025-01-10 08:19:26 UTC | 94.242.61.116:443 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |
| 2025-01-10 08:19:26 UTC | 94.232.43.211:443 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-10 08:19:12 UTC | 86.106.102.107:53 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-10 08:16:27 UTC | 147.45.47.88:443 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-10 08:16:26 UTC | 147.45.47.69:443 | Cobalt Strike | RU | CobaltStrike drb-ra |
| 2025-01-10 08:16:23 UTC | 141.105.71.121:8080 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |