TLP:WHITE | 7 IOCs
Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor
Indicators of Compromise (7)