ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://89.23.99.246/43/DbWindowsBaseVoiddb/Multi6/image/Cdn/providertoJsServerdefaultTrafficUniversaltrack.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1533031
IOC:	http://89.23.99.246/43/DbWindowsBaseVoiddb/Multi6/image/Cdn/providertoJsServerdefaultTrafficUniversaltrack.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS56694 SmartApe
Country:	RU
First seen:	2025-05-23 19:00:20 UTC
Last seen:	never
UUID:	2c6ca637-3808-11f0-90ee-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat RAT

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2025-05-24 11:40:16	74f74c68d4135322e479e46056330eaadf298078280b0e5836b050f9e64739cf
2025-05-24 05:45:18	6c9d219c1d798335d0de88c138095105be6a727e2ad9cbca8769882359b0f0e5
2025-05-24 01:15:22	ae488ec3a43f45f0402242dae4bbb17d1d6f589a6704adb7c4c598c04841bfcd
2025-05-23 23:50:20	6c473d9d01182077f01a5cef4a08097fd3dd486073d1a712b6ee9d51ed8f4265
2025-05-23 23:40:20	bdd2c00551c1951719adae59ddce88e3ab61d9645152f8ea301d389f47a4d033
2025-05-23 20:15:43	c3d164e0a40eed835164a5f8b50436295d3843264491a7950e73237423f13f61
2025-05-23 19:00:25	19ac246d7fd9a5acab6f244fd450413d30cf6de1cec9b8d2a1e87a82172b70b9