IOCs Feed
Hashes, IPs, domains, URLs from active ransomware campaigns
Total Indicators
62,833
hashes, IPs, domains, URLs
Ransomware Groups
231
with IOCs
IOC Types
4
hash, IP, domain, etc.
IOC charts
IOCs by Type
Share of indicators by type (hash, IP, domain, etc.).
46.7%
url
url
Share 46.7%hash
Share 33.4%hostname
Share 12.7%ip
Share 7.2%Data may be capped by source.
Ransomware Incidents by Month
Victim counts by month (attack/discovery date). Last 12 months.
62,833 total
| Ransomware group | Type | Value | Copy |
|---|---|---|---|
| Play Ransomware | hostname | thivaipetrol.com | |
| Play Ransomware | hash | 951220bca521096fed0311382ba37365f294ec43af87801664e7cff34ee53fe7 | |
| Play Ransomware | hash | 54747f7dd201b64853b39f691fa19614f383335916e67abfb74fb09c1b2d2c25 | |
| Play Ransomware | hash | a90790c35bea365befd3af55cbedfffd2cc4481b | |
| Play Ransomware | ip | 85.203.15.100 | |
| Play Ransomware | hostname | konferenceappka.bartvisions.cz | |
| Play Ransomware | hash | c3334a25ada6a0097ad639cb3004429f7c5a235f66e3ae54d38280e96b091458 | |
| Play Ransomware | hash | b0f4262fb225ec0d6f283749c34ba0f1 | |
| Play Ransomware | hash | f76da74a946592ea1303c7d165da07ce99bc4264 | |
| Play Ransomware | ip | 27.124.34.24 | |
| Play Ransomware | hostname | pupybul.com | |
| Play Ransomware | hostname | epsihologie.com | |
| Play Ransomware | url | http://38.181.34.72/ | |
| Play Ransomware | hash | 38b35a397026d4188e30ff10304cd3643bee716f | |
| Play Ransomware | hash | 1032f9e96a249c12f2f6d42678264114 | |
| Play Ransomware | url | https://fiscaldynamicswest.com/ | |
| Play Ransomware | hash | 000f6e268ee76a7e7000e50843f7e179c5f3091724b52a971d8e45340b0567e6 | |
| Play Ransomware | hostname | tehnik-unggul.com | |
| Play Ransomware | hash | 3e52c0b97f67287c212e5bc779b0e7dd843fb0df2ef11b74e1891898d492782c | |
| Play Ransomware | url | http://pplilvbest.cyou/c1/118.107.43.222/reg32 | |
| Play Ransomware | hash | dc427bdbc0d548eca51aeae6fd8e13447e92c360 | |
| Play Ransomware | hostname | puvywav.com | |
| Play Ransomware | hostname | youtube.in | |
| Play Ransomware | ip | 23.27.145.49 | |
| Play Ransomware | hostname | ashleyschmidtphotodesign.com | |
| Play Ransomware | hash | 5fc1481ea239bf70df9878f9111e445f | |
| Play Ransomware | hostname | btgf.fun | |
| Play Ransomware | url | http://urocakpmpanel.com/nt.php/?dt=%25computername | |
| Play Ransomware | hash | fa0ed2faa3da831976fee90860ac39d50484b20bee692ce7f0ec35a15670fa92 | |
| Play Ransomware | hostname | onlinelive.info | |
| Play Ransomware | hash | 31fb8b619b3aec1857ff5c346cb341fc027d83b1a875dc745a374f7d9cbcae3a | |
| Play Ransomware | hash | 3248d9c177fc51ff0ea79ec5cfb4b8b29376a1a3a153d801aff21fd4a1ac998c | |
| Play Ransomware | hash | f50ccbe079501110620cc6bba1db291b95750e6f | |
| Play Ransomware | hash | b52a623145b3ebdff47338c33c225776704877ea27be503c064bee57f3c10407 | |
| Play Ransomware | hash | 4e4410e111dd697e3affdac5bad8340663a7466bfe6d036323e5767a8f706930 | |
| Play Ransomware | hash | 95e61f016310bf3944d81940d2e08a0cac0b5c1956e84c734d25fd977f7d2047 | |
| Play Ransomware | hostname | craftmc.dev | |
| Play Ransomware | ip | 4.4.8.8 | |
| Play Ransomware | hostname | americajobmail.site | |
| Play Ransomware | hash | cae535ccc1f9a678c40ca6af0525d9ec | |
| Play Ransomware | hash | 5a94b457e1f9aa8f5baa4dcda5b30da58f7061c9a49cca46c43c8ee789548e18 | |
| Play Ransomware | ip | 103.6.244.46 | |
| Play Ransomware | url | http://mm6695.icu/d1/qosd.top_10300/code32 | |
| Play Ransomware | ip | 67.205.154.243 | |
| Play Ransomware | hash | 00002a07f6c6df1c764b652bc5bbb7154b02a381c752363fbaa4cee5af1e14be | |
| Play Ransomware | hash | 6bddd57ff69e9a51d8d4a3f7e49701f265fe71baa7f855420491c04e5f752ea8 | |
| Play Ransomware | hostname | 0x21.in | |
| Play Ransomware | ip | 198.167.193.51 | |
| Play Ransomware | hostname | jeffcollet.ch | |
| Play Ransomware | hostname | j75o7xvvsm4lpsjhkjvb4wl2q6ajegvabe6oswthuaubbykk4xkzgpid.onion |
Showing 1–50 of 62,833
Page 1 of 1257