PULSE NAME
OSINT Volley 2026-02-03 - Unknown malware/Unknown Stealer/Formbook
WHITE pduggusa 2026-02-03 Modified: 2026-03-05
125 IOCs
HIGH VOLUME
Automated OSINT sweep from ThreatFox. Top malware: Unknown malware(81), Unknown Stealer(68), Formbook(60), AsyncRAT(25), Remcos(18). Source: abuse.ch ThreatFox API. SSL enriched: 30 IPs with HTTPS, 13 self-signed (C2 candidates). Pattern 54: sweep→volley automation.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Unknown malware, Unknown Stealer, Formbook, AsyncRAT, Remcos
Indicators of Compromise (125)