ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://blinkcard.co.vu/shin/five/fre.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	643467
IOC:	http://blinkcard.co.vu/shin/five/fre.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
First seen:	2022-05-30 20:06:06 UTC
Last seen:	never
UUID:	f06fe374-e053-11ec-9c94-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-05-31 06:50:28	ca00e552544b5c316d1fe6739c87302a5444889c9a426ed558e26d0de82db4ff
2022-05-31 00:36:01	f634dff5e11e123a3495dd867ff9300fb3eb22c0f2ca0b2f5d6e014b391bc9be
2022-05-30 20:06:14	9d39d5e879fbf69a66c504a727dd38dc01d5555f324017888b8679c42a42ce03