Dedicated IOC database focused on threat actors infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.
Read our statement| First seen | IOC | Malware | Country | Tags |
|---|---|---|---|---|
| 2025-01-30 14:06:49 UTC | 193.233.254.126:9595 | SpyNote | RU | iocbottest 30January2025 |
| 2025-01-30 14:06:48 UTC | 193.233.254.67:7777 | SpyNote | RU | iocbottest 30January2025 |
| 2025-01-30 14:06:47 UTC | 80.66.84.58:9595 | SpyNote | RU | iocbottest 30January2025 |
| 2025-01-30 14:06:46 UTC | 185.229.66.188:7773 | SpyNote | RU | iocbottest 30January2025 |
| 2025-01-30 14:06:46 UTC | 80.85.153.180:5214 | SpyNote | RU | iocbottest 30January2025 |
| 2025-01-30 14:06:45 UTC | 193.161.193.99:63230 | SpyNote | RU | iocbottest 30January2025 |
| 2025-01-30 08:50:40 UTC | 185.112.83.45:443 | Meterpreter | RU | drb-ra MetaSploit Meterpreter |
| 2025-01-30 08:48:05 UTC | 5.252.176.4:443 | Havoc | RU | drb-ra Havoc |
| 2025-01-30 08:47:33 UTC | 45.141.86.123:443 | Sliver | RU | sliver drb-ra |
| 2025-01-30 08:45:35 UTC | 185.130.213.219:80 | Havoc | RU | drb-ra Havoc |