ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://pakarabi.net/loki/Panel/five/fre.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2026-06-04 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1588772
IOC:	http://pakarabi.net/loki/Panel/five/fre.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
Is compromised? :	False
ASN:	AS14618 AMAZON-AES
Country:	US
First seen:	2025-09-12 20:35:04 UTC
Last seen:	never
UUID:	f66e0df6-9017-11f0-bfa6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2025-09-13 12:40:08	dc09d93c6815646ab07908d02c810efd668179f2fb43237c588657171f06a762
2025-09-13 08:30:08	b812cdb8e88e818a206ac067adbc9017ea3dcedb19544493858247a0cfa591dc
2025-09-12 23:30:08	1bc87c4f205cd112b2cec3f67c577ae7b604ed56c6cd6a15d8ad1ae6438598b8
2025-09-12 20:35:06	cb90ff94822154b2ec1bc9e9fd11bd64bcb77c84896bc01e3952e44f45ec75e3