ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://a0553951.xsph.ru/apiBigloadDbtrack.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	153312
IOC:	http://a0553951.xsph.ru/apiBigloadDbtrack.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS35278 SPRINTHOST
Country:	RU
First seen:	2021-06-24 15:31:37 UTC
Last seen:	never
UUID:	43db852f-d501-11eb-b17b-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2023-02-03 19:05:29	980024e8c13ce835dbfa28f8eea51e701e36b1a085061445d14f7f4e87a44e50
2023-02-03 18:35:31	f32a37424ccba445f53662ff847a5ed6c5692d827a57fe3e0ca2cdf1a8f41790
2021-06-24 16:26:41	c6f3d4cbe11b7bf8d6c3b420380c89f370a16d13b9fe963f01cd1ae75a50ff78
2021-06-24 15:31:40	95f5464f22e6bbe285c912f7afd00836c7253babdf6b608cbbb5a063bb1f868f