ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://x-vpn.ug/hfV3vDtt/index.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	160958
IOC:	http://x-vpn.ug/hfV3vDtt/index.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Amadey
Confidence Level :	Confidence level is high (100%)
ASN:	AS24940 HETZNER-AS
Country:	DE
First seen:	2021-07-18 11:05:30 UTC
Last seen:	never
UUID:	10f379eb-e7b8-11eb-b17b-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Amadey

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-07-18 16:45:40	f2fcd49dd7ce2e64415e73f5276e813e90d53dea18f5fba68e1c8b55e0c1f631
2021-07-18 14:55:43	4db35ea029c5e2d5073018bed89c24b0c4e54b831ff6d5ddf0e370b6289d3631
2021-07-18 14:10:44	88c98c6871442d02b5f26dc7625926c1dcd4de88a7d31bc53786f6182204c902
2021-07-18 13:05:35	11296d96cfdba7c5323c3d0167bfb7d9d84b39757f58f2e6581cac42cbb0fcbc
2021-07-18 12:15:36	e5203487f0bbd037f06aeda5aad3c304f9217260659212afc6be5ad85a35fcb7