nuffsec/threatintel

Dedicated IOC database focused on threat actor infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.

Columns: First seen, IOC, Malware, Country, Tags