ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://150.241.108.228/_cpuSql.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-26 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1526001
IOC:	http://150.241.108.228/_cpuSql.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS213877 u1host-as
Country:	GB
First seen:	2025-05-19 23:20:10 UTC
Last seen:	never
UUID:	cf514066-3507-11f0-90ee-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat RAT

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2025-05-20 08:20:19	fd12ffb8ae2031a1f3948598035fe6e6ce673c9294f7ae7f52add7ad4ed1093a
2025-05-20 06:50:18	4d0ab9aa14dba8570588eac3f9eff115b848cc01314827d6ad48751ca8b8c300
2025-05-20 05:40:17	1418896b2c726e143a8e27bcd3735cb9e152d173d6568cfde8af1dc920ba61d9
2025-05-20 04:10:17	968ade5a99bff741c5f34a250ceff2cfa38847d40ef6ae147d392beec006cc69
2025-05-20 02:40:15	728549068c5d974365c2a0d3406f70a77d01d774c7479696e0f104f93d8fa299
2025-05-20 01:35:16	e04fd3d23b9bfc7e468be3e70d244c763777b7cdb9c8523b76e0c66bfbca7186
2025-05-19 23:30:18	127ac21132b665b83769de83b625652b7e192701adce2b56a76400d821478282
2025-05-19 23:20:14	d6d7e790c5db51c653ae9b6a08a9d83d49ca1ae0302d10c1bf3bf39ea62fa9e5