ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://postbackstat.biz/check.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-08 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	249947
IOC:	http://postbackstat.biz/check.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	CCleaner Backdoor
Malware alias:	DIRTCLEANER
Confidence Level :	Confidence level is high (100%)
First seen:	2021-11-16 22:56:39 UTC
Last seen:	never
UUID:	7599a55a-4730-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	GCleaner

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-11-17 06:26:20	03764778071d849510a478fc90d3a7cfa8b84cd3ea250c1f65a6fe655d66816e
2021-11-17 03:41:09	bb1944681aa2fcfd5f372fd44e041a63569b46130540225afc1560a1650d4e37
2021-11-17 02:11:44	3badebcefb9e7153384cae83baaa119f6317c9381e8500ac285568590e0abd82
2021-11-17 02:01:40	b05798eab2bd214db04037519c3d5271e9602980123b594c8b579f5581d4efdd
2021-11-16 23:02:02	dcf4ecc6d3b70a3e11077862b9e3830806191f0718eecb525a3e7d24246c0287