ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://176.46.157.50/tu3d2rom/index.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2026-01-12 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1556023
IOC:	http://176.46.157.50/tu3d2rom/index.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Amadey
Confidence Level :	Confidence level is high (100%)
Is compromised? :	False
ASN:	AS215310 USERCLOUD
Country:	DE
First seen:	2025-07-11 15:57:31 UTC
Last seen:	never
UUID:	cca0d1de-5e6d-11f0-8341-42010aa4000a
Reporter	pitachu
Reward	5 credits from ThreatFox
Reference:	https://app.any.run/tasks/315bc97f-69e0-4346-9f68-973f46961f9c

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2025-07-21 13:10:43	28448a261d7007dbf3821eee03b7503fe6cffafda96a0abfe163faa74b23abc9
2025-07-21 06:25:41	96bb8cd2b6dc46507b96fdb23ccdb28403fc700158b70ed8be49deb47eea4f71
2025-07-21 00:15:37	17093370938b8942c744da936a27c5453ecc4d8706d7c5f156f17c31443b7fee
2025-07-20 18:50:30	d62867cb626af4ca039a92ae60dec18cf330b84e87ebabab036539ee80c5f9bf
2025-07-20 15:15:21	073939ea9b3a4a2c80bf7e7a2a9f9e6221e22ee50532f7a6253e64b524770f00