ThreatFox Hunt: Unknown Stealer IOCs - 2026-02-05
WHITE pduggusa 2026-02-05 Modified: 2026-03-07
57 IOCs (HIGH VOLUME)
Automated ThreatFox hunt for Unknown Stealer indicators. 58 IOCs collected via Pattern 49 intelligence streaming. MITRE ATT&CK: T1071.001, T1105. Reference: https://analytics.dugganusa.com
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Unknown Stealer
Indicators of Compromise (57)