PULSE NAME
OSINT Volley 2026-02-02 - Unknown malware/Unknown Stealer/AsyncRAT
WHITE pduggusa 2026-02-02 Modified: 2026-03-04
118 IOCs (HIGH VOLUME)
Automated OSINT sweep from ThreatFox. Top malware: Unknown malware(79), Unknown Stealer(68), AsyncRAT(26), Remcos(16), XWorm(13). Source: abuse.ch ThreatFox API. SSL enriched: 29 IPs with HTTPS, 11 self-signed (C2 candidates). Pattern 54: sweep→volley automation.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Unknown malware, Unknown Stealer, AsyncRAT, Remcos, XWorm
Indicators of Compromise (118)