ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://down.wincryptapi.com/download.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1690845
IOC: https://down.wincryptapi.com/download
IOC Type :url
Threat Type :payload_delivery
Malware: Unknown Stealer
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS13335 CLOUDFLARENET
Country:- US
First seen:2026-01-04 08:01:13 UTC
Last seen:never
UUID:7c11602c-e8bb-11f0-9957-42010aa4000a
Reporter burger
Reward 5 credits from ThreatFox
Reference: https://bazaar.abuse.ch/sample/0b439debd24d965d005b155b7573788de5dfb9677c956a91db53649b4906749a/

Avatar
burger
HTTP methods POST required for the download, GET will result in a 404 error