ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://beesco.net/second/chief3/fre.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2026-06-04 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1457532
IOC:	http://beesco.net/second/chief3/fre.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
Is compromised? :	False
ASN:	AS16509 AMAZON-02
Country:	US
First seen:	2025-03-24 06:25:29 UTC
Last seen:	never
UUID:	c82b9748-0878-11f0-872d-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2025-03-24 17:20:09	8af2c5cbbd64bc20fc6b292a0dcfe5efa795b1dd5dadd1c5f68933a7a81ae388
2025-03-24 12:05:08	fa98e06145118bc9c05760b99728d9636dcfd6b208a854dc4393ac6e97434b52
2025-03-24 07:25:08	c199b37d388d854ff6031105ffd57958083cdb123b1386dc63e4d6bb21566e52
2025-03-24 06:25:34	ba07cd9c65b14ed73b58436fdbe6a6507d24d350c0f4ffe9feb85ed57bbca28c
2025-03-24 06:25:31	94bdebbfd12c3bd62b3bc24c83f71e9a765b19220e9d4a5d2bec383301b5de76