ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://ui3opgrowthproton.sytes.net/polfhkgsgh/Panel/five/fre.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-11 01:15:02 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	389749
IOC:	http://ui3opgrowthproton.sytes.net/polfhkgsgh/Panel/five/fre.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
First seen:	2022-02-21 07:36:09 UTC
Last seen:	never
UUID:	efb5b7f2-92e8-11ec-a022-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-02-21 17:05:59	dde87b37e8c2ac1e5fb4bc9e9292573713912a94f72fead321518703e1259c77
2022-02-21 15:25:48	569d44fe2c631a93587f3dfa8ea4d0d01394961be0d8a67d4a165fdd7c44b173
2022-02-21 13:51:03	ee2440922354d6be2dce4ab27274ae2cc2108d8dde37837a739a7e2a36e317d5
2022-02-21 07:36:11	974c776e5c3d20d4e254a4a493757f482931a2c48cdde33c76a0097eafbfdc85