ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://furnaceshst.net/gd22/fre.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	435956
IOC:	http://furnaceshst.net/gd22/fre.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
First seen:	2022-03-21 22:39:21 UTC
Last seen:	never
UUID:	c0524104-a967-11ec-8129-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-03-22 03:23:09	465a58c67b9c168e2a7d5a1ba3b7fb53bf439be8fdabf8b07ad8e03141aafc8c
2022-03-21 23:48:48	7d46a9212c3221cefb29a7604a02ed077aed3dee376b1887565c114d7b151a58
2022-03-21 22:39:24	592d7eb5c11442dfd6c5c9cbff5d977c16c8671b22a339c23e76102109083a04