ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://198.98.55.114/rights/inc/0b221f05c8d6c3.php.

Database Entry


IOC ID: 1074054
IOC: http://198.98.55.114/rights/inc/0b221f05c8d6c3.php
IOC Type: url
Threat Type: botnet_cc
Malware: Agent Tesla
Malware alias: AgenTesla, AgentTesla, Negasteal
Confidence Level: High (100%)
Is compromised?: False
ASN: AS53667 PONYNET
Country: CA
First seen: 2023-01-25 13:30:47 UTC
Last seen: never
UUID: 7a64e6e1-9cb4-11ed-8c16-42010aa4000a
Reporter: abuse_ch
Reward: 5 credits from ThreatFox
Tags: AgentTesla

Malware Samples


The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)    SHA256 hash    Bazaar
2023-01-25 15:25:50 284822e2a8acc0d59138076c42efff67ec39954f12a4af283f895334ad2fdd59
2023-01-25 13:35:46 e57f1d74706b7c5dd7f2191a6abe13979884a470c0789a03dcc1e82deaab68ea