Name: Incident C4CA4238: Malware & C2 Indicators
Creator: ca-identities.wiki Research Lab
License: https://creativecommons.org/licenses/by-sa/4.0/

IOC / Reference	Classification	Actor	Risk
www.fanart-central.net	C2 Communication	Rocket Kitten	76
alianzy-businesspartnership.com	Spyware	Wizard Spider	11
plexuss.com	Data Exfiltration	Gamaredon	59
PyPI: Startup	SQL Injection	OilRig	46
brushsharp.com	Spear Phishing	Deep Panda	15
www.keepandshare.com	Adware	Lazarus Group	86
Quora: Firewall	Cryptojacking	Deep Panda	25
nl.gta5-mods.com	CSRF	Equation Group	90
www.crossroadsbaitandtackle.com	DNS Tunneling	OilRig	73
velog.io	Zero-Day Exploit	Turla	56
mentor.khai.edu	Cryptojacking	LockBit	32
hu.pinterest.com	SQL Injection	Deep Panda	94
Scientific Study: JavaScript	Whaling	Charming Kitten	24
band.us	Phishing	Carbanak	75
toppinvestors.com	Brute Force	Conti	43
Debug Objective-C	Ransomware	Charming Kitten	72
participation.u-bordeaux.fr	CSRF	DarkSide	28
se.enrollbusiness.com	Beaconing	Turla	37
muabanhaiduong.com	Remote Code Execution (RCE)	DarkSide	37
dominerbusiness.com	Data Exfiltration	Wizard Spider	46
www3.uwsp.edu	Botnet Activity	Lazarus Group	94
evergreen-friends.com	Phishing	Magecart	17
ml007.k12.sd.us	CSRF	REvil	57
History of Tor network	Remote Code Execution (RCE)	OilRig	75
www.twitch.tv	Fileless Malware	LockBit	66
co.enrollbusiness.com	Man-in-the-Middle	Sandworm	58
ofuse.me	Whaling	OilRig	17
qh88amito.stck.me	Brute Force	APT28 (Fancy Bear)	44
justpaste.it	Data Exfiltration	Silence	75
offcourse.co	Phishing	Turla	80
academia.sanpablo.edu.ec	Data Exfiltration	OilRig	41
whelex.com	Spear Phishing	Magecart	50
Docker Image: GPT-4	Remote Code Execution (RCE)	Carbanak	75
all4webs.com	Fileless Malware	Deep Panda	21
www.alexandria.gov.eg	Credential Stuffing	Rocket Kitten	18
ru.enrollbusiness.com	Rootkit	Rocket Kitten	52
ml007.k12.sd.us	CSRF	Equation Group	15
bookmarksmyweb.com	Cryptojacking	Turla	83
www.video-bookmark.com	XSS	Conti	59
kera99.bcz.com	Fileless Malware	Carbanak	24
addons.mozilla.org	Rootkit	Sandworm	25
paper.wf	Data Exfiltration	DarkSide	65
docs.google.com	Remote Code Execution (RCE)	OilRig	97
www.crossroadsbaitandtackle.com	DNS Tunneling	Sandworm	76
lk.enrollbusiness.com	DNS Tunneling	LockBit	50
789clubsjpn.pointblog.net	Credential Stuffing	Lazarus Group	82
Review: Tor network	Whaling	Carbanak	42
telegra.ph	Beaconing	Rocket Kitten	51
tooter.in	Zero-Day Exploit	APT28 (Fancy Bear)	51

Incident C4CA4238: Malware & C2 Indicators

Real-time threat intelligence feed for Defense sector. Report #C4CA4238 contains IoCs, TTPs, and risk scoring for active campaigns detected in the last 24 hours.