ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://postbackstat.biz/stats/save.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-12 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	256403
IOC:	http://postbackstat.biz/stats/save.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	CCleaner Backdoor
Malware alias:	DIRTCLEANER
Confidence Level :	Confidence level is high (100%)
First seen:	2021-11-30 09:27:21 UTC
Last seen:	never
UUID:	b8127f9e-51bf-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	GCleaner

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-11-30 23:56:12	4bda2708e3d4cb38dddeae92bda767aa9d8f5bef431e9a48295b9c7f5e1f7bde
2021-11-30 21:46:44	7af33e5528ab8a8f45ee7b8c4dd24b4014feaa6e1d310458fdc53f95ea9f8a04
2021-11-30 10:03:06	d45f08b42166979807a9a9ab00acaec258632c6d0bdddf209f7fa6249517bd6a
2021-11-30 09:27:22	619303e69672123f86e9f16789dec49c26e512df9c26e1cc4dbe36238665a97c