ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://81.94.155.48/VideotempSecureDefault/eternal/CentraltempApiVm/ExternalSecureprotectAsyncCdn.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-15 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1514466
IOC:	http://81.94.155.48/VideotempSecureDefault/eternal/CentraltempApiVm/ExternalSecureprotectAsyncCdn.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS8595 WESTCALL-AS
Country:	RU
First seen:	2025-05-01 07:28:23 UTC
Last seen:	never
UUID:	dd834792-265d-11f0-adfc-42010aa4000a
Reporter	abuse_ch
Reward	50 credits from Folz
Tags:	dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2025-05-01 07:28:51	641d3b5292b32444f764cbd3d410750f6358e3382e19d1b23f549995cd668c10
2025-05-01 07:28:39	9c0766859442861a34d4c24343e103773e3b34ca1b4eaf25ee8d2157d4f55f3d
2025-05-01 07:28:28	e71fc1170426b7f5407b292a1b880a1bf5475b7990af6ddf4b82312fc2da6611