ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://dblg023.shop/bill1/index.php.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1101911
IOC: http://dblg023.shop/bill1/index.php
IOC Type :url
Threat Type :botnet_cc
Malware: Azorult
Malware alias:PuffStealer, Rultazo
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
First seen:2023-04-11 12:00:18 UTC
Last seen:2026-06-08 10:21:28 UTC
UUID:6d53294d-d860-11ed-8380-42010aa4000a
Reporter abuse_ch
Reward 5 credits from ThreatFox
Tags:AZORult
Reference: https://bazaar.abuse.ch/sample/f00cdfd984eccedd6447987cc68bb5f308954f393e855440a69ff6d565e74794/

Avatar
abuse_ch
azorult (aka PuffStealer,Rultazo) botnet C2

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2023-04-13 07:00:24 57ba6e0a9c0804c9a3d239dc6fb2a6742f3a91b762741772dd3571e1cbec45f8
2023-04-13 06:15:23 d1d58063feddaed2cc035a452f508d0638c9c0305cb89b6a5d04fdd0ad323f27