ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://knafi2hc.beget.tech/L1nc0In.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-11 01:15:02 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1309449
IOC:	http://knafi2hc.beget.tech/L1nc0In.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
First seen:	2024-08-11 10:15:11 UTC
Last seen:	never
UUID:	9815ae3b-57ca-11ef-bfcd-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2024-08-12 00:05:09	3b88fdeb5144b0f3a710b42cefa937e57aed28001acb82562229472ce258a124
2024-08-12 00:00:23	79fe6d413c5adf2234ed44df34621102b88f8070739421a35fe6ee087d281c54
2024-08-11 17:30:07	ab71530434f64e6aa105732c42dbb5a409ac0aae4258b3c3e7db1a7d5914cc30
2024-08-11 10:15:13	3e3978a0f761909353e129a35ee1795bf829f71c1106a3450b7e147bd51312e0