← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Threat Intel Report - W51-2025
WHITE aa00643640@techmahindra.com 2025-12-22 Modified: 2026-01-21
526
IOCs
HIGH VOLUME
These are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in the week.
clearfakemozisha valuesfile namesubmit datedateaddedmalware urltagsquasarratvalleyratsalatstealer
Indicators of Compromise (309 / 526 total)
All URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
URL http://103.146.23.241/aarch64 2025-12-22
URL http://103.146.23.241/arc 2025-12-22
URL http://103.146.23.241/arm4 2025-12-22
URL http://103.146.23.241/arm5 2025-12-22
URL http://103.146.23.241/arm7 2025-12-22
URL http://103.146.23.241/mpsl 2025-12-22
URL http://0.tcp.ap.ngrok.io:16495/ 2025-12-22
URL http://0.tcp.eu.ngrok.io:15869/ 2025-12-22
URL http://1.199.158.213 2025-12-22
URL http://103.130.212.195/realtime.exe 2025-12-22
URL http://103.146.23.241/curl.sh 7c54df1f3e34ae697a519f2654f25ae7727afc19c3f6d4bd7ad36918496ecf27 2025-12-22
URL http://103.146.23.241/mipsel 2025-12-22
URL http://103.146.23.241/wget.sh a290473152a45a20cfb20cc2633006e3419509c92144ae5ce2a05fc86331022e 2025-12-22
URL http://103.77.241.135/arm5 2025-12-22
URL http://103.77.241.135/i486 2025-12-22
URL http://103.77.241.135/m68k 2025-12-22
URL http://110.36.15.184:43465/bin.sh 2025-12-22
URL http://110.37.25.195:51517/i 2025-12-22
URL http://110.37.9.23:36303/bin.sh 2025-12-22
URL http://110.38.222.159:57858/i 2025-12-22
URL http://112.237.76.39:53620/i 2025-12-22
URL http://113.228.134.179:36942/i 2025-12-22
URL http://113.230.92.202:42227/bin.sh 2025-12-22
URL http://113.236.71.78:41858/i 2025-12-22
URL http://113.64.250.1:39780/bin.sh 2025-12-22
URL http://115.48.149.40:48889/bin.sh 2025-12-22
URL http://115.48.153.45:53973/i 2025-12-22
URL http://115.49.26.2:40307/i 2025-12-22
URL http://115.55.10.92:51604/i 2025-12-22
URL http://115.55.132.55:59799/i 2025-12-22
URL http://115.55.159.39:44818/i 2025-12-22
URL http://115.62.157.225:49461/i 2025-12-22
URL http://116.138.134.25:41941/i 2025-12-22
URL http://117.198.15.85:57904/Mozi.m 2025-12-22
URL http://117.205.166.149:45859/bin.sh 2025-12-22
URL http://117.209.25.91:59991/i 2025-12-22
URL http://117.217.209.103:33575/bin.sh 2025-12-22
URL http://117.223.22.15:60913/bin.sh 2025-12-22
URL http://117.245.209.70:33593/i 2025-12-22
URL http://119.115.73.26:40462/bin.sh 2025-12-22
URL http://119.117.60.193:34258/bin.sh 2025-12-22
URL http://119.179.215.154:55555/i 2025-12-22
URL http://122.193.144.29:55835/bin.sh 2025-12-22
URL http://123.11.202.74:43655/i 2025-12-22
URL http://123.12.232.40:58609/i 2025-12-22
URL http://123.129.135.167:54266/i 2025-12-22
URL http://123.188.7.207:37335/i 2025-12-22
URL http://123.189.154.117:37341/bin.sh 2025-12-22
URL http://123.190.31.208:37039/bin.sh 2025-12-22
URL http://123.5.187.37:58399/i 2025-12-22
URL http://123.9.195.68:47437/bin.sh 2025-12-22
URL http://124.238.116.41:54859/bin.sh 2025-12-22
URL http://125.46.198.16:58461/bin.sh 2025-12-22
URL http://130.12.180.64/bins/aaa 2025-12-22
URL http://130.12.180.64/bins/adi 2025-12-22
URL http://130.12.180.64/bins/bah 2025-12-22
URL http://130.12.180.64/bins/bork 2025-12-22
URL http://130.12.180.64/bins/brick.sh 2025-12-22
URL http://130.12.180.64/bins/calix 2025-12-22
URL http://130.12.180.64/bins/camera.sh 2025-12-22
URL http://130.12.180.64/bins/cnipc 2025-12-22
URL http://130.12.180.64/bins/cnr 2025-12-22
URL http://130.12.180.64/bins/esf 2025-12-22
URL http://130.12.180.64/bins/geo.sh 2025-12-22
URL http://130.12.180.64/bins/gig.sh 2025-12-22
URL http://130.12.180.64/bins/gpon 2025-12-22
URL http://130.12.180.64/bins/h.sh 2025-12-22
URL http://130.12.180.64/bins/hair.sh 2025-12-22
URL http://130.12.180.64/bins/hu 2025-12-22
URL http://130.12.180.64/bins/ipc.sh 2025-12-22
URL http://130.12.180.64/bins/irz 2025-12-22
URL http://130.12.180.64/bins/li.sh 2025-12-22
URL http://130.12.180.64/bins/lil 2025-12-22
URL http://130.12.180.64/bins/link.sh 2025-12-22
URL http://130.12.180.64/bins/lol 2025-12-22
URL http://130.12.180.64/bins/mass.sh 2025-12-22
URL http://130.12.180.64/bins/n 2025-12-22
URL http://130.12.180.64/bins/n.sh 2025-12-22
URL http://130.12.180.64/bins/old.go 2025-12-22
URL http://130.12.180.64/bins/olor 2025-12-22
URL http://130.12.180.64/bins/ont.sh 2025-12-22
URL http://130.12.180.64/bins/plc 2025-12-22
URL http://130.12.180.64/bins/po 2025-12-22
URL http://130.12.180.64/bins/rob 2025-12-22
URL http://130.12.180.64/bins/sd 2025-12-22
URL http://130.12.180.64/bins/sksk 2025-12-22
URL http://130.12.180.64/bins/smd.sh 2025-12-22
URL http://130.12.180.64/bins/ssh 2025-12-22
URL http://130.12.180.64/bins/test 2025-12-22
URL http://130.12.180.64/bins/thc.sh 2025-12-22
URL http://130.12.180.64/bins/w 2025-12-22
URL http://130.12.180.64/bins/wget.sh 2025-12-22
URL http://130.12.180.64/bins/wgets.sh 2025-12-22
URL http://130.12.180.64/bins/x.sh 2025-12-22
URL http://130.12.180.64/bins/zm 2025-12-22
URL http://130.12.180.64/bins/zxc.s 2025-12-22
URL http://138.207.174.248:56078/i 2025-12-22
URL http://143.20.37.250/cache 2025-12-22
URL http://157.15.98.82/bot.arm7 2025-12-22
URL http://157.15.98.82/hiddenbin/boatnet.arm 2025-12-22
URL http://157.15.98.82/hiddenbin/boatnet.arm7 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.arm 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.arm5 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.arm6 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.arm7 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.m68k 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.mpsl 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.ppc 2025-12-22
URL http://160.250.132.50/hiddenbin/boatnet.sh4 2025-12-22
URL http://175.148.3.232:39941/bin.sh 2025-12-22
URL http://175.166.123.61:47450/i 2025-12-22
URL http://175.167.184.131:45787/bin.sh 2025-12-22
URL http://175.175.107.111:39199/i 2025-12-22
URL http://176.65.132.139/hiddenbin/boatnet.arc 2025-12-22
URL http://178.16.55.189/files/1103877553/wyBzFsx.exe 2025-12-22
URL http://178.16.55.189/files/7044575709/kvAJ1fO.exe 2025-12-22
URL http://178.16.55.189/files/8359477113/wkX6E3m.exe 2025-12-22
URL http://178.16.55.189/files/8411322355/7X7EgCn.exe 2025-12-22
URL http://182.112.102.244:40144/bin.sh 2025-12-22
URL http://182.113.223.146:34563/bin.sh 2025-12-22
URL http://182.113.33.254:48859/bin.sh 2025-12-22
URL http://182.113.33.254:48859/i 2025-12-22
URL http://182.123.210.172:54346/i 2025-12-22
URL http://182.127.68.104:54480/bin.sh 2025-12-22
URL http://182.173.199.8:53862/bin.sh 2025-12-22
URL http://182.173.199.8:53862/i 2025-12-22
URL http://182.60.8.102:50716/bin.sh 2025-12-22
URL http://194.106.197.80:49207/bin.sh 2025-12-22
URL http://194.106.197.80:49207/i 2025-12-22
URL http://196.188.76.254:36213/i 2025-12-22
URL http://196.189.9.27:57374/i 2025-12-22
URL http://196.190.133.180:42514/bin.sh 2025-12-22
URL http://2.187.6.236:51400/.i 2025-12-22
URL http://2.tcp.eu.ngrok.io:14336/ 2025-12-22
URL http://219.155.228.158:46010/bin.sh 2025-12-22
URL http://219.155.228.158:46010/i 2025-12-22
URL http://221.13.221.227:43769/bin.sh 2025-12-22
URL http://221.15.12.197:34059/i 2025-12-22
URL http://221.15.79.61:36739/i 2025-12-22
URL http://222.137.146.126:41760/bin.sh 2025-12-22
URL http://222.140.159.11:55422/i 2025-12-22
URL http://27.207.1.247:50213/i 2025-12-22
URL http://27.219.137.68:47522/i 2025-12-22
URL http://27.37.121.255:34390/i 2025-12-22
URL http://37.55.197.206:38606/bin.sh 2025-12-22
URL http://39.74.246.35:35826/bin.sh 2025-12-22
URL http://39.74.246.35:35826/i 2025-12-22
URL http://42.176.248.199:44200/i 2025-12-22
URL http://42.177.211.254:57861/bin.sh 2025-12-22
URL http://42.224.78.182:34715/bin.sh 2025-12-22
URL http://42.229.160.131:59755/bin.sh 2025-12-22
URL http://42.229.160.131:59755/i 2025-12-22
URL http://42.229.169.20:43893/i 2025-12-22
URL http://42.231.248.130:35484/bin.sh 2025-12-22
URL http://42.231.248.130:35484/i 2025-12-22
URL http://42.231.45.232:52131/i 2025-12-22
URL http://42.234.151.74:56443/i 2025-12-22
URL http://42.235.188.232:53296/bin.sh 2025-12-22
URL http://42.235.60.82:60271/i 2025-12-22
URL http://42.239.227.236:33535/bin.sh 2025-12-22
URL http://42.58.143.202:47879/bin.sh 2025-12-22
URL http://45.125.66.56/arm4 2025-12-22
URL http://46.200.34.50:47722/i 2025-12-22
URL http://58.174.48.169:43308/bin.sh 2025-12-22
URL http://59.15.217.63:37646/.i 2025-12-22
URL http://6.tcp.eu.ngrok.io:10324/ 2025-12-22
URL http://6.tcp.eu.ngrok.io:16451/ 2025-12-22
URL http://6.tcp.eu.ngrok.io:16457/ 2025-12-22
URL http://6.tcp.ngrok.io:14412/ 2025-12-22
URL http://6.tcp.ngrok.io:4782/ 2025-12-22
URL http://60.17.66.55:57771/i 2025-12-22
URL http://60.18.105.70:40289/i 2025-12-22
URL http://60.22.8.56:51142/bin.sh 2025-12-22
URL http://61.52.218.56:57387/bin.sh 2025-12-22
URL http://78.165.253.129:50375/bin.sh 2025-12-22
URL http://78.165.253.129:50375/i 2025-12-22
URL http://85.106.82.119:42516/i 2025-12-22
URL http://89.32.41.193/hiddenbin/boatnet.arc 2025-12-22
URL http://89.32.41.193/hiddenbin/boatnet.m68k 2025-12-22
URL http://89.32.41.193/hiddenbin/boatnet.mips 2025-12-22
URL http://89.32.41.193/hiddenbin/boatnet.mpsl 2025-12-22
URL http://89.32.41.193/hiddenbin/boatnet.ppc 2025-12-22
URL http://89.32.41.193/hiddenbin/boatnet.sh4 2025-12-22
URL http://89.32.41.193/hiddenbin/boatnet.x86 2025-12-22
URL http://EdgyxNatexx-23830.portmap.io:23830/ 2025-12-22
URL http://church-apr.gl.at.ply.gg/:31194 2025-12-22
URL http://impact-eventually.at.playit.gg/tcp:60550 2025-12-22
URL http://telize.com/geoip 2025-12-22
URL http://www.telize.com/geoip 2025-12-22
URL https://1r18.pl0tchisel.ru/fq9up2o5 2025-12-22
URL https://1r18.pl0tchisel.ru/k1j3udx1 2025-12-22
URL https://1yy.fog-tangent.ru/35xmbxbc 2025-12-22
URL https://1yy.fog-tangent.ru/ozadpzvf 2025-12-22
URL https://8x.datam1st.ru/0y9qw8er 2025-12-22
URL https://8x.datam1st.ru/mf864e58 2025-12-22
URL https://91.200.220.143/shadow.sh 2025-12-22
URL https://9x.windl1nk.ru/du0q1tz3 2025-12-22
URL https://9x.windl1nk.ru/qylpb804 2025-12-22
URL https://ambr.am0rc2thed.ru/8bfs3q12 2025-12-22
URL https://ambr.am0rc2thed.ru/a161uz16 2025-12-22
URL https://augur3.con5epr0phet.ru/8qtpbsjd 2025-12-22
URL https://augur3.con5epr0phet.ru/dzxy8yas 2025-12-22
URL https://braid.doub1ebarzu8.ru/4uj4or5l 2025-12-22
URL https://braid.doub1ebarzu8.ru/zbcew3xn 2025-12-22
URL https://broth.s0uponwe2ther.ru/18isq188 2025-12-22
URL https://broth.s0uponwe2ther.ru/rf23ug68 2025-12-22
URL https://cadence.ch0reo8fin.ru/nivayxtv 2025-12-22
URL https://cam1.j1tmech2nic.ru/8nyustcq 2025-12-22
URL https://cam1.j1tmech2nic.ru/jqfz5ln7 2025-12-22
URL https://canon.con5epr0phet.ru/vk5fb7r5 2025-12-22
URL https://canto2.am0rc2thed.ru/fwcbew5d 2025-12-22
URL https://canto2.am0rc2thed.ru/zag7mapa 2025-12-22
URL https://clear.datam1st.ru/nhdtf3aq 2025-12-22
URL https://clear.datam1st.ru/ooykgz2r 2025-12-22
URL https://copper.windl1nk.ru/iblgksgy 2025-12-22
URL https://crest.datam1st.ru/1k8zuu3v 2025-12-22
URL https://crypt7.l2mbl1vonian.ru/ju2y6p15 2025-12-22
URL https://crypt7.l2mbl1vonian.ru/l6k82da5 2025-12-22
URL https://discordinit.ddns.net:4782/ 2025-12-22
URL https://feld2.c2tt1eschlen.ru/h6h3xigx 2025-12-22
URL https://gate.wavec0met.ru/70tbyx7x 2025-12-22
URL https://gear.j1tmech2nic.ru/xpokmg0n 2025-12-22
URL https://glyph.s1umtypo1ogy.ru/8axgbsz2 2025-12-22
URL https://glyph.s1umtypo1ogy.ru/irdudb8x 2025-12-22
URL https://hearth.drau8htl0dg.ru/m7n9ktfg 2025-12-22
URL https://hearth.drau8htl0dg.ru/qxd9hbmm 2025-12-22
URL https://josqen.chup7unwhe7e.ru/852bbr90 2025-12-22
URL https://josqen.chup7unwhe7e.ru/kmprj7v4 2025-12-22
URL https://k9.pl0tchisel.ru/cdi8l04q 2025-12-22
URL https://k9.pl0tchisel.ru/usf8gcdw 2025-12-22
URL https://kerning.s1umtypo1ogy.ru/lk4ezzlp 2025-12-22
URL https://knit.fog-tangent.ru/9vt1mbsa 2025-12-22
URL https://knit.fog-tangent.ru/h5ix3jyp 2025-12-22
URL https://knit.fog-tangent.ru/l4zysysb 2025-12-22
URL https://ladle.s0uponwe2ther.ru/8kqp6o89 2025-12-22
URL https://ladle.s0uponwe2ther.ru/rtiebclz 2025-12-22
URL https://larva.ent0molobo1t.ru/omwccffb 2025-12-22
URL https://lathe.j1tmech2nic.ru/jshbmrhx 2025-12-22
URL https://locus.l2mbl1vonian.ru/9lqoemhk 2025-12-22
URL https://locus.l2mbl1vonian.ru/tw0eq13v 2025-12-22
URL https://lumen.am0rc2thed.ru/lsp5y3ke 2025-12-22
URL https://lumvot.chup7unwhe7e.ru/ek8snmzc 2025-12-22
URL https://lumvot.chup7unwhe7e.ru/er7kucr0 2025-12-22
URL https://m9q9.v1braclaw.ru/hd85hdam 2025-12-22
URL https://myrmex3.ent0molobo1t.ru/ctjy97ww 2025-12-22
URL https://nexus.cherec0nce7t.ru/885ytd9g 2025-12-22
URL https://nexus.cherec0nce7t.ru/i0qq5aq0 2025-12-22
URL https://o1h5i.datam1st.ru/ihckag03 2025-12-22
URL https://o1h5i.datam1st.ru/ix2r35ft 2025-12-22
URL https://ocnbn.fog-tangent.ru/qzhnnpl8 2025-12-22
URL https://pamxeg.humb1epr2bab.ru/ghbc69nj 2025-12-22
URL https://pfad.c2tt1eschlen.ru/p3y315k5 2025-12-22
URL https://pfad.c2tt1eschlen.ru/zp2sheua 2025-12-22
URL https://pivot.cherec0nce7t.ru/1svuu02h 2025-12-22
URL https://pivot.cherec0nce7t.ru/efoh8ix4 2025-12-22
URL https://pivot8.ch0reo8fin.ru/ckn867rs 2025-12-22
URL https://pivot8.ch0reo8fin.ru/yajtd0q0 2025-12-22
URL https://pixel.v1braclaw.ru/06i8koj2 2025-12-22
URL https://pixel.v1braclaw.ru/vywodjth 2025-12-22
URL https://prion5.ent0molobo1t.ru/9lkcec6r 2025-12-22
URL https://prion5.ent0molobo1t.ru/br7hqtkv 2025-12-22
URL https://puf0.windl1nk.ru/drp7xppb 2025-12-22
URL https://puf0.windl1nk.ru/hoskwsno 2025-12-22
URL https://purge.baib2kcle2r.ru/63thjhq9 2025-12-22
URL https://purge.baib2kcle2r.ru/ki468yb9 2025-12-22
URL https://qelmot.humb1epr2bab.ru/fkbctwsd 2025-12-22
URL https://reset.baib2kcle2r.ru/5khrqes6 2025-12-22
URL https://reset.baib2kcle2r.ru/xo25adjl 2025-12-22
URL https://rhein.c2tt1eschlen.ru/072hq7nn 2025-12-22
URL https://rhein.c2tt1eschlen.ru/9opxmc03 2025-12-22
URL https://rhythm.ch0reo8fin.ru/z3457x3q 2025-12-22
URL https://rhythm.ch0reo8fin.ru/zsowrf0d 2025-12-22
URL https://rinse3.baib2kcle2r.ru/al2cjjs1 2025-12-22
URL https://rinse3.baib2kcle2r.ru/wrno0w87 2025-12-22
URL https://rutfan.humb1epr2bab.ru/4xx5suub 2025-12-22
URL https://rutfan.humb1epr2bab.ru/7yaer4ke 2025-12-22
URL https://sable.l2mbl1vonian.ru/dl009wk4 2025-12-22
URL https://sable.l2mbl1vonian.ru/h9bi7txa 2025-12-22
URL https://script.con5epr0phet.ru/bkmd0xdr 2025-12-22
URL https://script.con5epr0phet.ru/ccr7ahdf 2025-12-22
URL https://serif2.s1umtypo1ogy.ru/0mdyt3wa 2025-12-22
URL https://sibyl.con5epr0phet.ru/l3qaj3m8 2025-12-22
URL https://spark.baib2kcle2r.ru/804ieis7 2025-12-22
URL https://spark.baib2kcle2r.ru/eos4lo15 2025-12-22
URL https://spool.doub1ebarzu8.ru/hmvoldxl 2025-12-22
URL https://spool.doub1ebarzu8.ru/inh9ckdy 2025-12-22
URL https://spore.ent0molobo1t.ru/6qpwmrur 2025-12-22
URL https://stir3.s0uponwe2ther.ru/13dkih2s 2025-12-22
URL https://stitch5.doub1ebarzu8.ru/am59kw9o 2025-12-22
URL https://stitch5.doub1ebarzu8.ru/okc0flp4 2025-12-22
URL https://tangent.fog-tangent.ru/hxwhzh3p 2025-12-22
URL https://tangent.fog-tangent.ru/qktz5rd2 2025-12-22
URL https://tempo.ch0reo8fin.ru/fc11dk18 2025-12-22
URL https://tempo.ch0reo8fin.ru/mit4yjqs 2025-12-22
URL https://tezqiw.chup7unwhe7e.ru/2iakwdu1 2025-12-22
URL https://tezqiw.chup7unwhe7e.ru/g39zc6si 2025-12-22
URL https://thorax.ent0molobo1t.ru/7ijmzr0p 2025-12-22
URL https://torque.j1tmech2nic.ru/31cuug8v 2025-12-22
URL https://trame4.cherec0nce7t.ru/cshs5iks 2025-12-22
URL https://trame4.cherec0nce7t.ru/rg2zn53f 2025-12-22
URL https://twine.doub1ebarzu8.ru/gc4dzdw8 2025-12-22
URL https://twine.doub1ebarzu8.ru/ti115i73 2025-12-22
URL https://umbel.l2mbl1vonian.ru/7b6pqazh 2025-12-22
URL https://umbel.l2mbl1vonian.ru/xhl7ri52 2025-12-22
URL https://vellum.l2mbl1vonian.ru/an7n4y1g 2025-12-22
URL https://vellum.l2mbl1vonian.ru/poxrhi9o 2025-12-22
URL https://vixqew.humb1epr2bab.ru/z75vg8yo 2025-12-22
URL https://wimqaz.gir1y5om.ru/r7tbc42r 2025-12-22
URL https://wimqaz.gir1y5om.ru/snwai1mw 2025-12-22
References (2)
↗ https://any.run/malware-trends/ ↗ https://urlhaus.abuse.ch/