ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://a1164274.xsph.ru/6377807f.php.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1579669
IOC: http://a1164274.xsph.ru/6377807f.php
IOC Type :url
Threat Type :botnet_cc
Malware: DCRat
Malware alias:DarkCrystal RAT
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS35278 SPRINTHOST
Country:- RU
First seen:2025-09-01 14:45:14 UTC
Last seen:never
UUID:454c52b1-8742-11f0-bfa6-42010aa4000a
Reporter abuse_ch
Reward 5 credits from ThreatFox
Tags:dcrat RAT

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-09-02 10:00:30 7e30454bb3e83a895f105099a3d38ad4ca539804bd437052219cb4fe1de153a8
2025-09-01 14:45:17 59b7bc4246d760f4ae78a480b14803a2f2b8a45d7e18a6bf2d1e969559bf4e2d