Incident C4CA4238: Malware & C2 Indicators

Real-time threat intelligence feed for the Defense sector. Report #C4CA4238 contains IoCs, TTPs, and risk scoring for active campaigns detected in the last 24 hours.