ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://37.46.133.226/Cpusupportdata/scriptscriptServer/scriptCpuPrefphp/Linepythonapimultitrack.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-26 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	160412
IOC:	http://37.46.133.226/Cpusupportdata/scriptscriptServer/scriptCpuPrefphp/Linepythonapimultitrack.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS29182 RU-JSCIOT
Country:	RU
First seen:	2021-07-14 13:40:51 UTC
Last seen:	never
UUID:	1ae47469-e4a9-11eb-b17b-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2023-01-22 11:00:34	d89d94282170e98d32127e2c87754a1badf527018da2cb9338c3e5e6487e90c2
2021-07-15 03:15:29	ac1976494d19c9e673c6ae69a2e88b5901ad494d57d5d942cef0121232772132
2021-07-14 13:40:53	a9d6aa7ef3fde33eb2df6b9c3ec92965f066049cacba533ffc09a877133b809e