Dedicated IOC database focused on threat actor infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.

First seen | IOC | Malware | Country | Tags |
---|---|---|---|---|
2025-01-24 20:45:55 UTC | 51.250.0.16:443 | BianLian | RU | drb-ra BianLian |
2025-01-24 20:03:59 UTC | 193.143.1.71:443 | Remcos | RU | c2 censys RAT AS198953 PROTON66 remcos |
2025-01-24 06:13:42 UTC | 188.127.235.109:7443 | Unknown malware | RU | c2 shodan Mythic |
2025-01-24 06:41:50 UTC | 158.160.38.184:8080 | Unknown malware | RU | censys YANDEXCLOUD AS200350 GoPhish phishing |
2025-01-24 06:41:53 UTC | 195.2.73.29:443 | Unknown malware | RU | c2 censys AS48282 VDSINA-AS Loader NeptuneLoader |
2025-01-24 00:04:23 UTC | 77.223.100.85:7443 | Unknown malware | RU | c2 censys Mythic AS50340 SELECTEL-MSK |
2025-01-24 00:04:19 UTC | 185.147.124.186:15747 | SectopRAT | RU | c2 censys RAT sectop AS49505 SELECTEL |
2025-01-24 00:04:19 UTC | 185.147.124.186:15647 | SectopRAT | RU | c2 censys RAT sectop AS49505 SELECTEL |
2025-01-24 00:03:37 UTC | 185.147.39.227:9999 | Cobalt Strike | RU | c2 CobaltStrike cs-watermark-987654321 censys AS49505 SELECTEL |
2025-01-23 20:04:38 UTC | 89.169.133.155:443 | Havoc | RU | c2 censys YANDEXCLOUD AS200350 Havoc |