ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://87.251.77.45/multiprotonCdngame/Python/UpdateHttp/jsServer/5Videopacket/Update/4wp/Update/Private3lineexternal/Local5/datalife5Temporary/test0/testUploads_/9/TemporaryAsyncLinuxProtect/requestAuth55/UniversalUploadsGeneratorLongpoll/providerVideoPythonWindowsuploads.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-17 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	742729
IOC:	http://87.251.77.45/multiprotonCdngame/Python/UpdateHttp/jsServer/5Videopacket/Update/4wp/Update/Private3lineexternal/Local5/datalife5Temporary/test0/testUploads_/9/TemporaryAsyncLinuxProtect/requestAuth55/UniversalUploadsGeneratorLongpoll/providerVideoPythonWindowsuploads.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS199785 CHSN-AS
Country:	UA
First seen:	2022-06-30 17:06:21 UTC
Last seen:	never
UUID:	f74ed048-f896-11ec-9b75-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2023-01-08 15:40:14	3bec9a0cb464b474bb238e301c3cb6de70f02603404a7cf195c9015bdd52aa9e
2023-01-08 15:40:13	8f8af16d877ae9ff4258540fab607a072d566338c15116a1d37cbeaa14a17aae
2023-01-08 15:35:14	29a260f82cad1e0628c162e6aa72c4c90757c46e88a54d914b8daf774a2333d2
2023-01-08 15:35:12	1b9ab713f7344baa35b1c530d26dac366dea7f192998bd4ab62d48586138c2de
2022-06-30 17:06:25	c9a69a518fddd5eb4740cf598af5e003297919dbe665652f33e36b81dff3868c