Dedicated IOC database focused on threat actor infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.

First seen | IOC | Malware | Country | Tags |
---|---|---|---|---|
2025-01-03 07:15:28 UTC | 5.252.176.3:31337 | Sliver | RU | sliver c2 shodan |
2025-01-03 07:15:45 UTC | 89.169.168.121:31337 | Sliver | RU | sliver c2 shodan |
2025-01-02 13:00:25 UTC | 93.183.78.36:63655 | RMS | RU | RemoteManipulator |
2025-01-02 08:03:29 UTC | 103.74.93.242:8443 | DeimosC2 | RU | c2 AS9123 censys DeimosC2 TIMEWEB-AS |
2025-01-02 07:45:07 UTC | 89.208.231.155:80 | brute_ratel | RU | |
2024-12-30 17:18:41 UTC | 45.141.86.98:443 | Matanbuchus | RU | |
2024-12-30 08:02:25 UTC | 83.217.209.91:8082 | Hook | RU | c2 censys AS215826 HookBot PARTNER-HOSTING-LTD |
2024-12-30 00:04:17 UTC | 185.32.84.151:80 | Bashlite | RU | c2 censys AS208795 Gafgyt open-dir YANDEXCLOUD |
2024-12-30 00:04:06 UTC | 94.103.84.173:80 | Unknown malware | RU | c2 censys AS48282 panel UNAM VDSINA-AS |
2024-12-29 16:02:10 UTC | 45.141.86.98:4443 | Matanbuchus | RU | c2 censys AS206728 matanbuchus MEDIALAND-AS |