IOCs · MuddyWater · threatengine.sh

Home/MuddyWater/IOCs

IOCs

Indicators for MuddyWater

830 indicators · scoped to malware families · back to MuddyWater

Live IOCs from URLhaus, ThreatFox, MalwareBazaar, and abuse.ch SSLBL for malware families this actor uses. All indicators are defanged for safe handling.

⚠

Indicators

30 of 830

ip:port

172[.]245[.]185[.]195:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

185[.]139[.]215[.]144:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

172[.]105[.]103[.]223:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

213[.]209[.]159[.]254:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

185[.]132[.]53[.]76:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

195[.]200[.]28[.]173:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

5[.]181[.]181[.]107:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

80[.]71[.]235[.]233:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

103[.]232[.]121[.]241:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

147[.]182[.]231[.]214:1337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

85[.]206[.]164[.]27:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

89[.]116[.]31[.]190:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

173[.]214[.]172[.]247:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

84[.]32[.]22[.]235:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

107[.]172[.]151[.]87:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

146[.]19[.]213[.]207:8443

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

207[.]174[.]0[.]149:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

172[.]241[.]228[.]78:1337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

107[.]174[.]154[.]10:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

47[.]84[.]199[.]208:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

185[.]44[.]76[.]137:1337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

46[.]8[.]226[.]70:8443

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

191[.]101[.]131[.]244:40056

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

191[.]101[.]131[.]244:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

51[.]15[.]8[.]6:9998

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

47[.]84[.]83[.]56:8443

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

47[.]84[.]83[.]56:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

51[.]15[.]8[.]6:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

185[.]196[.]117[.]168:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

ip:port

15[.]235[.]166[.]83:31337

family Sliver source threatfox

VirusTotal AbuseIPDB Shodan GreyNoise OTX Censys Talos Pulsedive

Showing 801-830 of 830

Prev 9 Next

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin