Dedicated IOC database focused on threat actor infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.
Read our statement

First seen | IOC | Malware | Country | Tags |
---|---|---|---|---|
2025-01-23 20:04:19 UTC | 185.147.124.178:15747 | SectopRAT | RU | c2 censys RAT sectop AS49505 SELECTEL |
2025-01-23 20:04:18 UTC | 185.147.124.178:15647 | SectopRAT | RU | c2 censys RAT sectop AS49505 SELECTEL |
2025-01-23 20:03:58 UTC | 193.143.1.103:443 | Coper | RU | censys Coper Octo Octo2 |
2025-01-23 20:03:57 UTC | 45.142.122.123:443 | Coper | RU | censys Coper Octo Octo2 |
2025-01-23 16:03:52 UTC | 82.147.88.203:2405 | Remcos | RU | c2 censys RAT remcos ADMAN-AS AS57494 |
2025-01-23 04:03:52 UTC | 195.133.46.118:443 | Sliver | RU | c2 censys AS214822 MTFINANCE-AS sliver |
2025-01-23 06:09:18 UTC | 83.151.14.2:9572 | XWorm | RU | iocbottest 22January2025 |
2025-01-22 19:42:54 UTC | 92.51.2.17:84 | Cobalt Strike | RU | c2 CobaltStrike shodan cs-watermark-1580103824 |
2025-01-22 17:23:58 UTC | 92.51.2.17:443 | Cobalt Strike | RU | c2 CobaltStrike shodan cs-watermark-1580103824 |
2025-01-22 16:49:42 UTC | 80.64.30.50:81 | Cobalt Strike | RU | CobaltStrike drb-ra |