← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Threat Intel Report - W52-2025
WHITE aa00643640@techmahindra.com 2025-12-29 Modified: 2026-01-28
614
IOCs
HIGH VOLUME
These are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in the week.
moziclearfakecoinminerquasarrat linkusa x86hashesurls httpsdomainssha valuesfile name
Indicators of Compromise (300 / 614 total)
All URL domain FileHash-MD5 FileHash-SHA1 FileHash-SHA256 hostname
TYPEINDICATORDESCRIPTIONCREATED
URL https://shellnescarlett.com/auth 2025-12-29
URL http://0.tcp.ap.ngrok.io:16495/ 2025-12-29
URL http://0.tcp.eu.ngrok.io/ 2025-12-29
URL http://0.tcp.eu.ngrok.io:15869/ 2025-12-29
URL http://1.199.158.213 2025-12-29
URL http://1.58.34.11:44032/bin.sh 2025-12-29
URL http://1.58.34.11:44032/i 2025-12-29
URL http://103.77.241.135//arm5 2025-12-29
URL http://110.36.0.116:38067/bin.sh 2025-12-29
URL http://110.36.0.116:38067/i 2025-12-29
URL http://110.36.0.116:41100/bin.sh 2025-12-29
URL http://110.36.0.116:41100/i 2025-12-29
URL http://110.36.0.99:55398/i 2025-12-29
URL http://110.36.15.176:45166/i 2025-12-29
URL http://110.36.15.190:35869/i 2025-12-29
URL http://110.37.29.156:57428/bin.sh 2025-12-29
URL http://110.37.29.156:57428/i 2025-12-29
URL http://110.37.33.206:37718/bin.sh 2025-12-29
URL http://110.37.33.206:37718/i 2025-12-29
URL http://110.37.35.103:38235/bin.sh 2025-12-29
URL http://110.37.35.103:38235/i 2025-12-29
URL http://110.37.38.126:55493/i 2025-12-29
URL http://110.37.42.225:36230/i 2025-12-29
URL http://110.37.45.148:44543/i 2025-12-29
URL http://110.37.52.120:39138/bin.sh 2025-12-29
URL http://110.37.53.184:47933/i 2025-12-29
URL http://110.37.72.40:60720/bin.sh 2025-12-29
URL http://110.37.74.239:34934/i 2025-12-29
URL http://110.37.87.223:49874/i 2025-12-29
URL http://110.37.97.128:56105/bin.sh 2025-12-29
URL http://110.37.97.128:56105/i 2025-12-29
URL http://110.39.233.226:45734/bin.sh 2025-12-29
URL http://110.39.237.16:35862/bin.sh 2025-12-29
URL http://110.39.241.244:45961/i 2025-12-29
URL http://110.39.251.127:57629/bin.sh 2025-12-29
URL http://112.248.103.196:38805/bin.sh 2025-12-29
URL http://112.248.103.7:55424/i 2025-12-29
URL http://113.221.38.41:4225/.i 2025-12-29
URL http://113.228.105.180:56245/bin.sh 2025-12-29
URL http://113.236.151.103:34079/bin.sh 2025-12-29
URL http://115.48.153.23:46012/i 2025-12-29
URL http://115.49.251.172:46413/bin.sh 2025-12-29
URL http://115.49.251.172:46413/i 2025-12-29
URL http://115.52.25.21:34417/bin.sh 2025-12-29
URL http://115.52.25.21:34417/i 2025-12-29
URL http://115.54.172.146:15628/bin.sh 2025-12-29
URL http://115.54.172.146:15628/i 2025-12-29
URL http://115.55.56.248:58718/i 2025-12-29
URL http://115.61.9.33:49309/i 2025-12-29
URL http://115.62.186.246:36920/i 2025-12-29
URL http://117.205.94.29:41976/bin.sh 2025-12-29
URL http://117.205.94.29:41976/i 2025-12-29
URL http://117.209.16.32:48410/bin.sh 2025-12-29
URL http://117.244.64.229:42380/bin.sh 2025-12-29
URL http://119.117.184.47:51727/i 2025-12-29
URL http://119.117.248.176:57153/bin.sh 2025-12-29
URL http://119.117.248.176:57153/i 2025-12-29
URL http://123.10.153.189:39255/bin.sh 2025-12-29
URL http://123.10.153.189:39255/i 2025-12-29
URL http://123.11.233.41:35531/bin.sh 2025-12-29
URL http://123.12.195.166:57327/i 2025-12-29
URL http://123.12.225.185:46421/bin.sh 2025-12-29
URL http://123.14.38.108:46792/bin.sh 2025-12-29
URL http://123.5.159.7:48381/bin.sh 2025-12-29
URL http://123.5.190.85:55574/i 2025-12-29
URL http://123.7.223.57:37221/i 2025-12-29
URL http://123.8.8.148:44813/bin.sh 2025-12-29
URL http://125.41.2.243:32884/i 2025-12-29
URL http://125.43.46.201:36739/bin.sh 2025-12-29
URL http://125.43.46.201:36739/i 2025-12-29
URL http://125.44.19.0:33220/i 2025-12-29
URL http://130.12.180.126/m 2025-12-29
URL http://130.12.180.43/files/1781548144/3Mn8w93.exe 2025-12-29
URL http://130.12.180.43/files/1781548144/vYh2eCB.exe 2025-12-29
URL http://130.12.180.43/files/321m/random.exe 2025-12-29
URL http://130.12.180.43/files/6579614727/grjioqD.exe 2025-12-29
URL http://130.12.180.43/files/67947251/GggOlM1.exe 2025-12-29
URL http://130.12.180.43/files/67947251/z0Gho5y.exe 2025-12-29
URL http://130.12.180.43/files/748049926/L7Q15AV.exe 2025-12-29
URL http://130.12.180.43/files/8191817615/kajT27I.exe 2025-12-29
URL http://130.12.180.43/files/8278288380/Fn9aleP.exe 2025-12-29
URL http://130.12.180.43/files/8278288380/WsFbrLC.exe 2025-12-29
URL http://130.12.180.43/files/unique5/random.exe 2025-12-29
URL http://130.12.180.48/ftpget.sh 2025-12-29
URL http://130.12.180.85/file/data.mipsel 2025-12-29
URL http://172.104.181.205/arm 2025-12-29
URL http://172.104.181.205/mips 2025-12-29
URL http://173.28.101.7:46079/i 2025-12-29
URL http://175.148.42.218:57515/bin.sh 2025-12-29
URL http://175.148.42.218:57515/i 2025-12-29
URL http://175.167.164.207:38449/bin.sh 2025-12-29
URL http://175.174.75.73:47268/bin.sh 2025-12-29
URL http://175.174.75.73:47268/i 2025-12-29
URL http://175.175.128.108:50858/i 2025-12-29
URL http://176.226.129.38:40829/i 2025-12-29
URL http://178.16.55.189/files/re/random.exe 2025-12-29
URL http://179.108.89.220:51237/i 2025-12-29
URL http://180.191.52.105:38859/bin.sh 2025-12-29
URL http://182.112.221.211:33370/bin.sh 2025-12-29
URL http://182.112.221.211:33370/i 2025-12-29
URL http://182.112.230.105:48432/i 2025-12-29
URL http://182.116.123.23:45755/i 2025-12-29
URL http://182.116.53.31:53913/i 2025-12-29
URL http://182.117.165.175:51415/bin.sh 2025-12-29
URL http://182.117.165.175:51415/i 2025-12-29
URL http://182.117.55.230:53374/i 2025-12-29
URL http://182.119.177.38:60457/i 2025-12-29
URL http://182.120.138.21:33309/bin.sh 2025-12-29
URL http://182.120.138.21:33309/i 2025-12-29
URL http://182.120.166.0:49030/i 2025-12-29
URL http://182.121.112.91:45416/bin.sh 2025-12-29
URL http://182.121.202.149:51491/bin.sh 2025-12-29
URL http://182.121.245.103:46094/i 2025-12-29
URL http://182.121.9.88:52141/bin.sh 2025-12-29
URL http://182.122.229.181:36181/bin.sh 2025-12-29
URL http://182.123.223.93:57221/bin.sh 2025-12-29
URL http://182.126.117.80:59377/bin.sh 2025-12-29
URL http://182.126.117.80:59377/i 2025-12-29
URL http://182.126.124.156:40087/i 2025-12-29
URL http://182.126.124.245:55591/i 2025-12-29
URL http://182.146.222.245:55841/bin.sh 2025-12-29
URL http://186.215.245.175:49080/bin.sh 2025-12-29
URL http://196.190.11.194:37968/bin.sh 2025-12-29
URL http://2.tcp.eu.ngrok.io/ 2025-12-29
URL http://2.tcp.eu.ngrok.io:14336/ 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.arm 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.arm6 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.arm7 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.m68k 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.mips 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.mpsl 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.ppc 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.sh4 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.spc 2025-12-29
URL http://213.202.211.46/AB4g5/Josho.x86 2025-12-29
URL http://219.154.150.189:35531/i 2025-12-29
URL http://219.155.135.231:43107/i 2025-12-29
URL http://219.156.129.146:49523/i 2025-12-29
URL http://219.156.28.119:45345/i 2025-12-29
URL http://219.157.21.224:34015/bin.sh 2025-12-29
URL http://219.157.21.224:34015/i 2025-12-29
URL http://219.157.30.184:40231/bin.sh 2025-12-29
URL http://219.157.30.184:40231/i 2025-12-29
URL http://222.137.22.9:35309/i 2025-12-29
URL http://222.137.38.215:55691/bin.sh 2025-12-29
URL http://222.137.38.215:55691/i 2025-12-29
URL http://222.140.129.153:35003/i 2025-12-29
URL http://222.140.185.173:42074/i 2025-12-29
URL http://222.142.255.112:57577/bin.sh 2025-12-29
URL http://222.246.43.99:34574/i 2025-12-29
URL http://23.88.36.149/ 2025-12-29
URL http://23.88.36.149/897 2025-12-29
URL http://23.88.36.149/package.zip 25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393 2025-12-29
URL http://23.92.130.154:57528/bin.sh 2025-12-29
URL http://27.193.61.226:34661/i 2025-12-29
URL http://27.202.16.46:41264/bin.sh 2025-12-29
URL http://27.202.16.46:41264/i 2025-12-29
URL http://27.207.4.132:41298/bin.sh 2025-12-29
URL http://39.74.112.62:55295/i 2025-12-29
URL http://4.tcp.eu.ngrok.io/ 2025-12-29
URL http://4.tcp.ngrok.io/ 2025-12-29
URL http://42.179.11.4:60124/i 2025-12-29
URL http://42.224.169.225:43083/bin.sh 2025-12-29
URL http://42.224.169.225:43083/i 2025-12-29
URL http://42.224.92.157:54548/bin.sh 2025-12-29
URL http://42.224.92.157:54548/i 2025-12-29
URL http://42.228.105.136:34224/i 2025-12-29
URL http://42.229.162.243:38089/bin.sh 2025-12-29
URL http://42.230.219.35:54925/bin.sh 2025-12-29
URL http://42.231.29.21:49521/bin.sh 2025-12-29
URL http://42.231.29.21:49521/i 2025-12-29
URL http://42.232.182.160:36277/bin.sh 2025-12-29
URL http://42.232.182.160:36277/i 2025-12-29
URL http://42.235.48.237:48020/i 2025-12-29
URL http://42.237.53.103:59653/i 2025-12-29
URL http://42.238.235.124:39690/i 2025-12-29
URL http://42.239.149.205:41917/bin.sh 2025-12-29
URL http://42.239.150.41:41917/i 2025-12-29
URL http://42.239.152.4:59514/i 2025-12-29
URL http://42.57.199.233:55377/bin.sh 2025-12-29
URL http://42.59.88.23:53544/bin.sh 2025-12-29
URL http://42.59.88.23:53544/i 2025-12-29
URL http://42.6.185.234:58971/bin.sh 2025-12-29
URL http://42.7.132.135:39679/i 2025-12-29
URL http://42.86.59.54:49341/i 2025-12-29
URL http://47.120.43.29:60114/linux 2025-12-29
URL http://5.255.127.15/arm 2025-12-29
URL http://5.255.127.15/mips 2025-12-29
URL http://59.177.99.218:58068/bin.sh 2025-12-29
URL http://59.177.99.218:58068/i 2025-12-29
URL http://59.88.233.48:32923/i 2025-12-29
URL http://59.95.80.3:44736/bin.sh 2025-12-29
URL http://59.95.80.3:44736/i 2025-12-29
URL http://6.tcp.eu.ngrok.io:10324/ 2025-12-29
URL http://6.tcp.eu.ngrok.io:16451/ 2025-12-29
URL http://6.tcp.eu.ngrok.io:16457/ 2025-12-29
URL http://6.tcp.ngrok.io:14412/ 2025-12-29
URL http://6.tcp.ngrok.io:4782/ 2025-12-29
URL http://60.161.47.170:53859/i 2025-12-29
URL http://60.18.69.147:57231/bin.sh 2025-12-29
URL http://60.18.69.147:57231/i 2025-12-29
URL http://60.23.235.249:58996/bin.sh 2025-12-29
URL http://60.23.235.249:58996/i 2025-12-29
URL http://61.163.144.94:49450/i 2025-12-29
URL http://61.176.196.107:36190/bin.sh 2025-12-29
URL http://61.52.112.12:34130/i 2025-12-29
URL http://61.53.132.4:40947/i 2025-12-29
URL http://61.53.138.237:45304/bin.sh 2025-12-29
URL http://61.53.138.237:45304/i 2025-12-29
URL http://61.53.192.182:44312/i 2025-12-29
URL http://61.54.69.56:35635/bin.sh 2025-12-29
URL http://66.179.93.123/wtf/lowkey/b5d1hc 2025-12-29
URL http://66.179.93.123/wtf/lowkey/icevyf 2025-12-29
URL http://66.179.93.123/wtf/lowkey/jptqyo 2025-12-29
URL http://76.72.238.134:52935/bin.sh 2025-12-29
URL http://77.236.74.65:43334/i 2025-12-29
URL http://78.165.124.29:50375/bin.sh 2025-12-29
URL http://78.165.194.63:50375/bin.sh 2025-12-29
URL http://79.106.64.26:48552/bin.sh 2025-12-29
URL http://79.106.64.26:48552/i 2025-12-29
URL http://8.210.128.105:60113/linux 2025-12-29
URL http://85.106.87.221:42516/bin.sh 2025-12-29
URL http://85.234.127.1:18254/i 2025-12-29
URL http://85.99.67.214:42516/bin.sh 2025-12-29
URL http://85.99.67.214:42516/i 2025-12-29
URL http://91.208.206.49/no_killer/arm7 2025-12-29
URL http://91.208.206.49/no_killer/mips 2025-12-29
URL http://91.208.206.49/no_killer/ppc 2025-12-29
URL http://91.208.206.49/no_killer/sh4 2025-12-29
URL http://94.156.152.67/bin 2025-12-29
URL http://94.156.152.67/kla.sh 2025-12-29
URL http://94.156.152.67/pay 2025-12-29
URL http://94.156.152.67/yarn 2025-12-29
URL http://95.6.24.96:59157/i 2025-12-29
URL http://EdgyxNatexx-23830.portmap.io:23830/ 2025-12-29
URL http://HurensohnListe-31639.portmap.io/ 2025-12-29
URL http://HurensohnListe-31639.portmap.io:31639/ 2025-12-29
URL http://HurensohnListe-52132.portmap.io/ 2025-12-29
URL http://church-apr.gl.at.ply.gg/:31194 2025-12-29
URL http://hieuanh-49217.portmap.host:49217/ 2025-12-29
URL http://hieuanh-52625.portmap.host:52625/ 2025-12-29
URL http://hieuanh-58355.portmap.host:58355/ 2025-12-29
URL http://hieuanh1-25700.portmap.host:25700/ 2025-12-29
URL http://hieuanh1-42498.portmap.host:42498/ 2025-12-29
URL http://impact-eventually.at.playit.gg/tcp:60550 2025-12-29
URL http://itskuba.com/1g/1.jpg 2025-12-29
URL http://itskuba.com/1g/2.jpg 2025-12-29
URL http://itskuba.com/1g/3.jpg 2025-12-29
URL http://itskuba.com/1g/4.jpg 2025-12-29
URL http://itskuba.com/1g/6.jpg 2025-12-29
URL http://standart-south.at.playit.gg/ 2025-12-29
URL http://telize.com/geoip 2025-12-29
URL http://vidro1.zzz.com.ua/ 2025-12-29
URL http://vidro1.zzz.com.ua/11 2025-12-29
URL http://worthknowing.us/1.jpg 2025-12-29
URL http://worthknowing.us/2.jpg 2025-12-29
URL http://worthknowing.us/3.jpg 2025-12-29
URL http://worthknowing.us/4.jpg 2025-12-29
URL http://worthknowing.us/5.jpg 2025-12-29
URL http://worthknowing.us/6.jpg 2025-12-29
URL http://worthknowing.us/7.jpg 2025-12-29
URL http://www.itskuba.com/1g/2.jpg 2025-12-29
URL http://www.itskuba.com/1g/3.jpg 2025-12-29
URL http://www.itskuba.com/1g/5.jpg 2025-12-29
URL http://www.telize.com/geoip 2025-12-29
URL https://1ovxt.cloudf1eld.ru/bh3vjp9s 2025-12-29
URL https://8z.darkf0x.ru/an5prjld 2025-12-29
URL https://awq.bluec0rest.ru/4lkwzodt 2025-12-29
URL https://cradle.fl0wmortar.ru/35hp14v5 2025-12-29
URL https://d0cf-47-149-75-215.ngrok.io/ 2025-12-29
URL https://db33.n1ghtflow.ru/dfqksq1z 2025-12-29
URL https://dby.bluec0rest.ru/ukxx3pzu 2025-12-29
URL https://discordinit.ddns.net:4782/ 2025-12-29
URL https://eq.cloudf1eld.ru/062prn4f 2025-12-29
URL https://eqj.cloudf1eld.ru/pmnd8jkr 2025-12-29
URL https://g4tb.t0ppleseed.ru/s28km4it 2025-12-29
URL https://gate.skyf0rge.ru/zg6z076g 2025-12-29
URL https://id.n1ghtcore.ru/8l4si8pg 2025-12-29
URL https://j3.cloudf1eld.ru/i2bjo6py 2025-12-29
URL https://jprglro7.frostm1nd.ru/?apikey=GwMGqIKgI... 2025-12-29
URL https://kuoh.bluec0rest.ru/6tpbjyuo 2025-12-29
URL https://mipisesho.top/router/api-dom.js 2025-12-29
URL https://mipisesho.top/router/callback-fetch.js 2025-12-29
URL https://nexus.n1ghtcore.ru/4nj25svc 2025-12-29
URL https://nexus.n1ghtcore.ru/b8wrehle 2025-12-29
URL https://oaq.t0ppleseed.ru/zyqeqedr 2025-12-29
URL https://pxe51lm9.frostm1nd.ru/?apikey=upPHmSxZu... 2025-12-29
URL https://r7t.darkf0x.ru/ta36dmyh 2025-12-29
URL https://ridge.t0ppleseed.ru/rh0gcgjr 2025-12-29
URL https://seed.j1nxbuckle.ru/pl89zp5f 2025-12-29
URL https://snip.j1nxbuckle.ru/oc8mvsjs 2025-12-29
URL https://spark.n1ghtcore.ru/5t2f5u28 2025-12-29
URL https://spark.n1ghtcore.ru/6bk25qsf 2025-12-29
URL https://u25u.darkf0x.ru/5kq8q5s4 2025-12-29
URL https://vh.j1nxbuckle.ru/ntweioh2 2025-12-29
URL https://y6gbc.n1ghtcore.ru/0vmsx630 2025-12-29
URL https://y6gbc.n1ghtcore.ru/i72j4d2k 2025-12-29
URL https://y9z9.t0ppleseed.ru/le4w9xfu 2025-12-29
URL https://zx.cloudf1eld.ru/2x3cea5p 2025-12-29
URL https://zx7d.t0ppleseed.ru/yrq314mo 2025-12-29
References (3)
↗ https://www.cisa.gov/news-events/bulletins/sb25-356 ↗ https://any.run/malware-trends/vidar/ ↗ https://urlhaus.abuse.ch/