| ID | Rule | Source |
|---|---|---|
| 84343096 | URLhaus Known malware download URL detected (3479996) | abuse.ch/urlhaus |
| 84342250 | URLhaus Known malware download URL detected (3479150) | abuse.ch/urlhaus |
| 2045885 | ET ATTACK_RESPONSE Mana Tools-Lone Wolf Admin Panel Inbound | et/open |
| 84339922 | URLhaus Known malware download URL detected (3476822) | abuse.ch/urlhaus |
| 84338504 | URLhaus Known malware download URL detected (3475404) | abuse.ch/urlhaus |
| 84338489 | URLhaus Known malware download URL detected (3475389) | abuse.ch/urlhaus |
| 84338486 | URLhaus Known malware download URL detected (3475386) | abuse.ch/urlhaus |
| 84338481 | URLhaus Known malware download URL detected (3475381) | abuse.ch/urlhaus |
| 84337799 | URLhaus Known malware download URL detected (3474699) | abuse.ch/urlhaus |
| 84337221 | URLhaus Known malware download URL detected (3474121) | abuse.ch/urlhaus |
| 84337220 | URLhaus Known malware download URL detected (3474120) | abuse.ch/urlhaus |
| 2009120 | ET ACTIVEX FlexCell Grid ActiveX Multiple Arbitrary File Overwrite | et/open |
| 2044430 | ET ATTACK_RESPONSE VBS/TrojanDownloader.Agent.YLH Payload Inbound | et/open |
| 84330904 | URLhaus Known malware download URL detected (3467804) | abuse.ch/urlhaus |
| 84329327 | URLhaus Known malware download URL detected (3466227) | abuse.ch/urlhaus |
| 84329085 | URLhaus Known malware download URL detected (3465985) | abuse.ch/urlhaus |
| 84329035 | URLhaus Known malware download URL detected (3465935) | abuse.ch/urlhaus |
| 84328965 | URLhaus Known malware download URL detected (3465865) | abuse.ch/urlhaus |
| 2018059 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 1 | et/open |
| 2018060 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 2 | et/open |
| 2018061 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 3 | et/open |
| 2018062 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 4 | et/open |
| 2018063 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 5 | et/open |
| 2018064 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 6 | et/open |
| 2018065 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 7 | et/open |
| 2018066 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 8 | et/open |
| 2018067 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 9 | et/open |
| 2018068 | ET MALWARE Possible KAPTOXA Encoded Data Transferred Over SMB 10 | et/open |
| 2018058 | ET MALWARE Possible KAPTOXA SMB Naming Format | et/open |
| 2054815 | ET MOBILE_MALWARE Android/Mandrake CnC Domain in DNS Lookup (toxicodendron .ru) | et/open |
| 2054823 | ET MOBILE_MALWARE Observed Android/Mandrake CnC Domain (toxicodendron .ru) in TLS SNI | et/open |
| 2021204 | ET MALWARE DNS Query to TOX Ransomware onion (toxicola7qwv37qj) | et/open |
| 2021163 | ET MALWARE DNS Query to TOX Ransomware onion (wdthvb6jut2rupu4) | et/open |
| 2021164 | ET MALWARE DNS Query to TOX Ransomware onion (xwxwninkssujglja) | et/open |
| 2021165 | ET MALWARE DNS Query to TOX Ransomware onion (7fa6gldxg64t5wnt) | et/open |
| 84101128 | URLhaus Known malware download URL detected (3238028) | abuse.ch/urlhaus |
| 2049167 | ET INFO Tox Chat Domain in DNS Lookup (tox .chat) | et/open |
| 2049168 | ET INFO Observed Tox Chat Domain (tox .chat in TLS SNI) | et/open |
| 84214486 | URLhaus Known malware download URL detected (3351386) | abuse.ch/urlhaus |
| 2048917 | ET INFO Observed DNS Over HTTPS Domain (doh-primary-pool .detoxifypornblocker .com in TLS SNI) | et/open |
| 2034334 | ET MALWARE APT-C-59 Related Domain in DNS Lookup | et/open |
| 2023581 | ET MALWARE ABUSE.CH Ransomware/Cerber Onion Domain Lookup | et/open |
| 84282664 | URLhaus Known malware download URL detected (3419564) | abuse.ch/urlhaus |
| 2044974 | ET MALWARE PlutoCrypt Decryption Key Exfil | et/open |
| 2045841 | ET MALWARE Kraken Stealer SMTP Data Exfiltration Attempt | et/open |
| 84219217 | URLhaus Known malware download URL detected (3356117) | abuse.ch/urlhaus |
| 3313386 | 🐾 - ☠ DNS request 🌐 --> 🎛 Possible C2 🔒 REvil/Sodinokibi ransomware | pawpatrules |
| 2045184 | ET MALWARE DNS Query to Blind Eagle Domain (dfdagsdsag .con-ip .com) | et/open |
| 84354127 | URLhaus Known malware download URL detected (3491027) | abuse.ch/urlhaus |
| 84354131 | URLhaus Known malware download URL detected (3491031) | abuse.ch/urlhaus |