TLP:WHITE, 115 IOCs
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
Diamond Model: Adversary; Infrastructure (6); Capability (1); Victim
Indicators of Compromise (115)
| Type | Indicator | Confidence | Score | First Seen |
|---|---|---|---|---|
| CVE | CVE-2018-0802 (tags: exploit, intel-blog, malware) | Medium | 51 | Jun 2, 26 |