Dedicated IOC database focused on threat actors infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.
Read our statement| First seen | IOC | Malware | Country | Tags |
|---|---|---|---|---|
| 2025-01-27 12:04:52 UTC | 93.185.167.219:8520 | DCRat | RU | c2 censys RAT dcrat ALEXHOST AS200019 |
| 2025-01-27 08:46:40 UTC | 81.177.215.62:443 | Eye Pyramid | RU | drb-ra EyePyramid |
| 2025-01-27 06:43:06 UTC | 158.160.38.184:3333 | Unknown malware | RU | censys YANDEXCLOUD AS200350 GoPhish phishing |
| 2025-01-27 06:42:59 UTC | 185.147.124.10:443 | PoshC2 | RU | c2 censys AS49505 SELECTEL |
| 2025-01-25 17:33:23 UTC | 176.110.208.212:25565 | NjRAT | RU | iocbottest 25January2025 |
| 2025-01-25 08:43:37 UTC | 147.45.47.167:24637 | Brute Ratel C4 | RU | drb-ra BruteRatel |
| 2025-01-25 07:57:01 UTC | 147.45.47.222:3991 | XWorm | RU | c2 AS215789 XWorm KARINAR |
| 2025-01-25 06:00:57 UTC | 185.105.109.183:3333 | Unknown malware | RU | censys GoPhish phishing AS210079 EUROBYTE |
| 2025-01-25 06:01:01 UTC | 185.22.155.196:3334 | Unknown malware | RU | censys GoPhish phishing AS51659 ASBAXET |
| 2025-01-25 06:00:44 UTC | 147.45.44.184:4782 | Quasar RAT | RU | iocbottest 24January2025 |