Incident C4CA4238: Malware & C2 Indicators

Real-time threat intelligence feed for the Defense sector. Report #C4CA4238 contains IoCs, TTPs, and risk scoring for active campaigns detected in the last 24 hours.