IOC Radar
TLP:WHITE13 IOCs

Threat Intelligence | Analysis of a Fake TronLink Chrome Extension Phishing Campaign

SL
SlowMist
Published May 11, 2026Original Report

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTUREtrx-scan-explorer.orghttps://tronfind-api.…https://tronfind-api.…CAPABILITYunknownVICTIMunknown
Adversary
Infrastructure(6)
Capability
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise13

TypeIndicatorConfidenceScoreFirst Seen
Domaintrx-scan-explorer.org
exploitintel-blogmalware
High
58
Jun 2, 26
MD5ce612d027e631d6633582227eb29002f
file-hashindicatorintel-blog
Medium
53
Jun 2, 26
SHA2566b4a4b64e6f969017cb3a9a71dd3038ddf32b989e5342dbbe36650d5802f2ee4
file-hashindicatorintel-blog
Medium
53
Jun 2, 26
URLhttps://tronfind-api.tronfindexplorer.com/api/visitor/sync
intel-blognetworkurl
High
58
Jun 2, 26
SHA256b84b89f0a1b7f00431274ac676104acaaa73d440e5731161d1077e733014cc29
file-hashindicatorintel-blog
Medium
53
Jun 2, 26
SHA2560cbf4f21cf157227d2c3fba80b64e1f4c3f9d2cc0bf926e024252c35e93edd5a
file-hashindicatorintel-blog
Medium
53
Jun 2, 26
URLhttps://tronfind-api.tronfindexplorer.com/*
intel-blognetworkurl
High
58
Jun 2, 26
SHA194d651b42355f2b0765a7435e5a5927623807225
file-hashindicatorintel-blog
Medium
53
Jun 2, 26
URLhttps://tronfind-api.tronfindexplorer.com/api/visitor/track
intel-blognetworkurl
High
58
Jun 2, 26
URLhttps://tronfind-api.tronfindexplorer.com/api/visitor/create
intel-blognetworkurl
High
58
Jun 2, 26
URLhttps://tronfind-api.tronfindexplorer.com/api/visitor/enrich
intel-blognetworkurl
High
58
Jun 2, 26
URLhttps://tronfind-api.tronfindexplorer.com/
intel-blognetworkurl
High
58
Jun 2, 26
URLhttps://tronfind-api.tronfindexplorer.com/api/data/words
intel-blognetworkurl
High
58
Jun 2, 26

IOC Relationship Graph

IOC Relationship Graph13 total IOCs
DomainMD5SHA256URLSHA1
URL7SHA2563Domain1MD51SHA11REPORTThreat Intelligence | Anal
scroll to zoom · drag to pan · click IOC to open