MALICIOUS (1) campaign cataloged at 2025-10-01(2).
- The campaign has clearly malicious intent, like infostealers.
- This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.
2025-10-regixtest¶
Obfuscated code contains e.g. capabilities for downloading and executing code from a hardcoded location. It's also recognized as malware
Abuse categories¶
action-hidden-in-lib-usage
Campaign uses action-hidden-in-lib-usage.
malware
Campaign uses malware.
obfuscation
Campaign uses obfuscation.
remote_script
Downloads and executes a remote malicious script.
IoCs & related URLs¶
URLs with payloads, characteristic domains, C&C IPs, repositories with malicious code, etc.
-
cxojh-118-179-99-2.a.free.pinggy.link
-
xnrij-118-179-99-2.a.free.pinggy.link