PULSE NAME
OSINT Volley 2026-02-03 - Unknown malware/Unknown Stealer/Formbook
WHITE pduggusa 2026-02-03 Modified: 2026-03-05
125 IOCs
HIGH VOLUME
Automated OSINT sweep from ThreatFox. Top malware: Unknown malware(81), Unknown Stealer(68), Formbook(60), AsyncRAT(25), Remcos(18). Source: abuse.ch ThreatFox API. SSL enriched: 30 IPs with HTTPS, 13 self-signed (C2 candidates). Pattern 54: sweep→volley automation.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
Unknown malware, Unknown Stealer, Formbook, AsyncRAT, Remcos
Indicators of Compromise (6 / 125 total)
TYPE INDICATOR DESCRIPTION CREATED
URL https://kolscan.fi/ ThreatFox: Unknown malware - payload_delivery 2026-02-03
URL https://one-safe.io/ ThreatFox: Unknown malware - payload_delivery 2026-02-03
URL https://cz-douyin.com/ ThreatFox: Unknown malware - payload_delivery 2026-02-03
URL https://cdn.jsdelivr.net/gh/relight-73-unsigned/coolray/mm21 ThreatFox: ClearFake - payload_delivery 2026-02-03
URL https://www.rigogabriele.it/ ThreatFox: Unknown malware - payload_delivery 2026-02-03
URL http://ilovehosting1.com/1.bat ThreatFox: Quasar RAT - payload_delivery 2026-02-03