IOCs

Indicators for XENOTIME / TRITON / TRISIS

15 indicators · scoped to malware families
Live IOCs from URLhaus, ThreatFox, MalwareBazaar, and abuse.ch SSLBL for malware families this actor uses. All indicators are defanged for safe handling.

threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin