Pulse Detail — Threat Intelligence

PULSE NAME

OSINT Volley 2026-01-17 - Unknown malware/DeimosC2/Cobalt Strike

WHITE pduggusa 2026-01-17 Modified: 2026-02-16

IOCs

HIGH VOLUME

Automated OSINT sweep from ThreatFox. Top malware: Unknown malware(62), DeimosC2(27), Cobalt Strike(10), AsyncRAT(8), ClearFake(6). Source: abuse.ch ThreatFox API. SSL enriched: 38 IPs with HTTPS, 12 self-signed (C2 candidates). Pattern 54: sweep→volley automation.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1071.001 T1105 T1059.001 T1055 T1027 T1219 T1056.001 T1189 T1204.002 T1566.002

MALWARE FAMILIES

Unknown malware DeimosC2 Cobalt Strike AsyncRAT ClearFake

Indicators of Compromise (20 / 62 total)

All URL hostname domain FileHash-MD5

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	d8fbe7bd2d399131611c9a57541e4444	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	9810bc6f3c8a0cfebf10aa1ac18a94fe	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	e0d83d943cb03dc982a9cceae3324575	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	9e80e5794cd8447e3bae73f8e43eb93a	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	91b64dea4d5b91b552af9af3e73b21e9	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	d66e63db75816f1612ee66e5ef80a1a1	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	0f85e1cc2090e3426eb24011c2bb4b98	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	79f3be41931e1e32559980fbe037862b	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	d52fa479098e9ca3d5f28191311f588c	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	4cadd3e503e79af2161d857f71e60d31	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	b51568fb3a22f9816fe412dc01e3ae34	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	5ab6ef0270b38a93d1620c90965cb456	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	467360d71126e9ca886ee8929bf0fd36	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	5474a41d142f72654c46c45cce1e602c	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	a38cb0f56f5dd6bdae50079078813293	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	6fc4b4e2abf47a4484c7d59704f34c0b	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	d1f3e8aca0c9d86982c0b60400961a08	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	7d839393902da99828af8a4abd260254	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	7a254f2a75ddb5bb500c08dfc10b26f5	ThreatFox: Unknown malware - payload	2026-01-17
FileHash-MD5	83f9ae3c31db07746f0a3ea44a33dbb3	ThreatFox: Unknown malware - payload	2026-01-17

References (2)

↗ https://analytics.dugganusa.com/api/v1/stix-feed/v2 ↗ https://threatfox.abuse.ch