ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://cz77268.tw1.ru/99f28f99.php.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1582236
IOC: http://cz77268.tw1.ru/99f28f99.php
IOC Type :url
Threat Type :botnet_cc
Malware: DCRat
Malware alias:DarkCrystal RAT
Confidence Level : Confidence level is high (100%)
ASN:AS9123 TimeWeb-AS
Country:- RU
First seen:2025-09-05 09:10:14 UTC
Last seen:never
UUID:221e624c-8a38-11f0-bfa6-42010aa4000a
Reporter abuse_ch
Reward 5 credits from ThreatFox
Tags:dcrat RAT

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-09-05 09:30:19 f0c19bca34ec10ca7f3057c3ecccc0a4b2d8f21fa163c1149ca8d15fa9918703
2025-09-05 09:10:17 3c9a5d90d37ba18c0ff3a4e6461cabdf1de6a3eee8890a39e68a1549c433c7e0