Name: Incident C4CA4238: Malware & C2 Indicators
Creator: ca-identities.wiki Research Lab
License: https://creativecommons.org/licenses/by-sa/4.0/

IOC / Reference	Classification	Actor	Risk
rant.li	Brute Force	Carbanak	97
fi.pinterest.com	C2 Communication	Equation Group	52
rocketmaxx.com	Credential Stuffing	Rocket Kitten	96
Review: WebAssembly	Lateral Movement	Rocket Kitten	80
bhie.edu.eg	Credential Stuffing	Charming Kitten	29
mydesign-tool.com	Spyware	Conti	93
evergreen-friends.com	Spyware	Conti	15
r/CPlusPlus Community	Whaling	LockBit	67
multiflay.com	Credential Stuffing	Lazarus Group	23
writexo.com	DNS Tunneling	Charming Kitten	87
constico.com	Beaconing	APT29 (Cozy Bear)	29
amiktomakakamajene.ac.id	Whaling	REvil	34
ctxt.io	Lateral Movement	Deep Panda	45
ko.gravatar.com	DNS Tunneling	APT28 (Fancy Bear)	97
www.crossroadsbaitandtackle.com	DNS Tunneling	Sandworm	76
Research: MongoDB	Worm	REvil	59
motion-gallery.net	Lateral Movement	APT29 (Cozy Bear)	45
s3.us-east-2.amazonaws.com	DDoS	Carbanak	58
www.edufex.com	DNS Tunneling	Magecart	56
medley-web.com	Rootkit	Turla	72
vuf.minagricultura.gov.co	CSRF	Magecart	70
md.coredump.ch	CSRF	DarkSide	44
bcraweb.bcra.gob.ar	Botnet Activity	Sandworm	20
forums.littletinyfrogs.com	Cryptojacking	DarkSide	86
newspicks.com	Remote Code Execution (RCE)	Rocket Kitten	57
www.aseeralkotb.com	Man-in-the-Middle	Equation Group	45
The Verge: GPT-4	Credential Stuffing	APT28 (Fancy Bear)	33
hypernotepad.com	Trojan	Charming Kitten	56
metaldevastationradio.com	Rootkit	LockBit	76
www.alnas.fr	SQL Injection	OilRig	67
racetime.gg	Fileless Malware	Charming Kitten	65
meta.decidim.org	Cryptojacking	Gamaredon	73
beadvices.net	Cryptojacking	DarkSide	48
News about SEO	Adware	Turla	64
Learn Objective-C	Zero-Day Exploit	DarkSide	40
zekond.com	DDoS	Gamaredon	66
divekeeper.com	Botnet Activity	APT29 (Cozy Bear)	91
bd.enrollbusiness.com	Zero-Day Exploit	APT41 (Double Dragon)	60
bj88howw1.medium.com	Lateral Movement	Rocket Kitten	13
hitclubvipitcom.newgrounds.com	Trojan	Conti	57

Incident C4CA4238: Malware & C2 Indicators

Real-time threat intelligence feed for Defense sector. Report #C4CA4238 contains IoCs, TTPs, and risk scoring for active campaigns detected in the last 24 hours.