ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://a1086695.xsph.ru/f0b85b5e.php.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1428395
IOC: http://a1086695.xsph.ru/f0b85b5e.php
IOC Type :url
Threat Type :botnet_cc
Malware: DCRat
Malware alias:DarkCrystal RAT
Confidence Level : Confidence level is high (100%)
ASN:AS35278 SPRINTHOST
Country:- RU
First seen:2025-02-20 21:10:08 UTC
Last seen:2025-08-28 06:51:37 UTC
UUID:10a9f080-efcf-11ef-8ad4-42010aa4000a
Reporter abuse_ch
Reward 50 credits from Folz
Tags:dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-02-21 17:50:10 62fd8c7e773674a56856b0ed4907df4eb15ac0fb4e4a18fea5b244180c70b575
2025-02-21 15:40:09 e4a9185f0986262e066fdd0a863444e2667b40655df1c7098c605be5bd3ec6e6
2025-02-21 12:55:08 d945170cc27804050d9789baaf9e86fcd5c4e130ef4b38cec14e3a833a2cf6f9
2025-02-21 12:05:07 afdeaf8649ee916f5734e9363da47ef0b0174bbbd1fca080e75ce291e2760d9c
2025-02-20 21:10:11 7482844fa9ea3044100ff708dd43854bf604859d30e1e6f556a7fa55d32323e4