Home/MuddyWater/IOCs
IOCs

Indicators for MuddyWater

830 indicators · scoped to malware families · back to MuddyWater
Live IOCs from URLhaus, ThreatFox, MalwareBazaar, and abuse.ch SSLBL for malware families this actor uses. All indicators are defanged for safe handling.

Indicators

100 of 830
url
hxxps://45.88.186.124/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:25 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.149/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:25 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.242/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:23 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://185.241.208.122:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:23 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.83.31.132/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:23 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://185.241.211.6/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:23 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.94.31.59/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.47/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.52/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.94.31.102/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://2.58.56.236:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://192.159.99.98/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://84.54.33.34:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://84.54.33.133/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://2.58.56.71:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.42/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://193.26.115.192:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://185.241.208.173/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.83.31.248/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.173/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://192.159.99.119/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.94.31.192/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.154.98.223/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://2.58.56.46/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.83.31.116/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://45.94.31.164:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.34/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://45.94.31.57:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://45.88.186.26:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:22 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://185.241.208.151:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:21 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://45.94.31.116:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:21 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.115/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:21 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.94.31.109/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:21 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://2.58.56.134/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:14 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.132.197/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://193.26.115.94/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://193.26.115.225/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.83.31.230/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://124.198.131.54:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.82/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://124.198.131.103:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.31/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.88/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://193.26.115.135/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://84.54.33.122:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.83.31.211/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://194.26.192.109/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://45.83.31.142:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://124.198.132.185:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.132.54/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.94.31.23/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.94.31.176/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://192.159.99.131:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://193.26.115.126/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.205/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://185.241.211.118/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.23/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.236/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.154.98.212/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.216/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://84.54.33.188:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:12 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://124.198.131.40:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:12 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.83.31.104/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:59:12 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.154.98.164/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:48:05 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.67/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
family connectwise source urlhaus first seen 2026-02-22 12:47:12 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://193.26.115.55/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:47:08 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://193.26.115.51:8040/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:47:08 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://124.198.131.50:8443/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:47:08 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://185.241.211.61/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:47:08 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.88.186.67/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:47:08 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://91.206.169.134/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:47:08 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://45.83.31.75/bin/support.client.exe?i=&e=Support&y=Guest&r=
family connectwise source urlhaus first seen 2026-02-22 12:47:08 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://45.88.186.54:8040/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
family connectwise source urlhaus first seen 2026-02-22 12:46:20 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://193.26.115.55/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
family connectwise source urlhaus first seen 2026-02-22 12:46:14 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://193.26.115.51:8040/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest
family connectwise source urlhaus first seen 2026-02-22 12:46:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxp://130.12.180.43/files/5964394645/l7XgRj1.msi
family connectwise source urlhaus first seen 2026-02-20 21:21:09 UTC
VirusTotalurlscanOTXURLhausPulsedive
url
hxxps://vrajras.com/MicrosoftTeamUpdate.msi
family connectwise source urlhaus first seen 2026-02-05 15:51:21 UTC
VirusTotalurlscanOTXURLhausPulsedive
sslbl_sha1
89d4e3d86581d640c8ac8cbc02fdaaa0967a122a
family ConnectWise source sslbl first seen 2026-02-04 09:10:33
VirusTotalOTX
sslbl_sha1
9aa49488706b0a9744efea9cee0d72907ae1a694
family ConnectWise source sslbl first seen 2026-02-04 09:09:14
VirusTotalOTX
sslbl_sha1
2024f6cd454d59590da0fae2a450e048c484b803
family ConnectWise source sslbl first seen 2026-02-04 08:58:48
VirusTotalOTX
url
hxxps://corporacioncrf.com/get/cl.msi
family connectwise source urlhaus first seen 2026-01-30 16:01:13 UTC
VirusTotalurlscanOTXURLhausPulsedive
sslbl_sha1
8326aaafe66ed1eea591add8d79944837a05fed0
family ConnectWise source sslbl first seen 2026-01-21 18:20:14
VirusTotalOTX
sslbl_sha1
5fe0cb432bb0a9e9c0e08f9b6fe33417efaa3b39
family ConnectWise source sslbl first seen 2026-01-21 17:56:48
VirusTotalOTX
sslbl_sha1
cb08db6d15a3fa5e18ec4bbafcb967dde080e93f
family ConnectWise source sslbl first seen 2026-01-12 15:13:35
VirusTotalOTX
sslbl_sha1
6da2919ee8ad8c6303f5db0f646510365c65a995
family ConnectWise source sslbl first seen 2026-01-09 17:08:13
VirusTotalOTX
sslbl_sha1
200bfaa32c985a0ff50f1505352ac510d2ed893d
family ConnectWise source sslbl first seen 2026-01-08 15:08:07
VirusTotalOTX
sslbl_sha1
9e3a099b0392f90a85defa0a590527fc24c856ac
family ConnectWise source sslbl first seen 2025-12-28 11:22:13
VirusTotalOTX
sslbl_sha1
263ba9c3bdeb2b09c8108913060a355361a1424c
family ConnectWise source sslbl first seen 2025-12-25 12:13:18
VirusTotalOTX
sslbl_sha1
4b1edb0875427c553bf5d42681e7a9fa8f93a35e
family ConnectWise source sslbl first seen 2025-12-15 17:10:07
VirusTotalOTX
sslbl_sha1
34d7f089684ee3ab9faf204b7d0a3a6d88826497
family ConnectWise source sslbl first seen 2025-12-15 09:57:08
VirusTotalOTX
sslbl_sha1
b6bd6b04935cb770d7ddf5d5fb3dd11fffb7a7c3
family ConnectWise source sslbl first seen 2025-12-14 07:00:11
VirusTotalOTX
sslbl_sha1
48f665e237042042432ae4d2aba268d6b091e2af
family ConnectWise source sslbl first seen 2025-12-10 05:20:26
VirusTotalOTX
sslbl_sha1
ceca62498c594c3f9f080ad3fa333fcbd5ab5be5
family ConnectWise source sslbl first seen 2025-12-08 15:23:19
VirusTotalOTX
sslbl_sha1
decfd4408f420a95c3121f8222b9af125e2a10d6
family ConnectWise source sslbl first seen 2025-12-05 17:38:45
VirusTotalOTX
url
hxxps://alineeleuterio.com.br/Receipt_11_26_2025.msi
family connectwise source urlhaus first seen 2025-12-05 11:25:18 UTC
VirusTotalurlscanOTXURLhausPulsedive
sslbl_sha1
ee893dd1ac6e86c0fc314543f3a1c8855b4e0010
family ConnectWise source sslbl first seen 2025-12-04 20:36:33
VirusTotalOTX
sslbl_sha1
f7bf8b28743232d34715f2e6f180284f16258256
family ConnectWise source sslbl first seen 2025-12-03 14:11:37
VirusTotalOTX
sslbl_sha1
8b752ebec4ed1013ad277196fa55c70b037af787
family ConnectWise source sslbl first seen 2025-12-03 14:06:20
VirusTotalOTX
url
hxxps://vizyonuniversitesi.com.tr/Payment_Receipt_11_28_2025.msi
family connectwise source urlhaus first seen 2025-11-29 13:50:30 UTC
VirusTotalurlscanOTXURLhausPulsedive
sslbl_sha1
714be1c77064ad12980b7854e66377d442ed7e1d
family ConnectWise source sslbl first seen 2025-11-21 12:51:11
VirusTotalOTX
Showing 301-400 of 830
Prev 4 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin