ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://185.215.113.204/Lkb2dxj3/index.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-11 01:15:02 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	747176
IOC:	http://185.215.113.204/Lkb2dxj3/index.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Amadey
Confidence Level :	Confidence level is high (100%)
ASN:	AS51381 ELITETEAM-PEERING-AZ1
Country:	SC
First seen:	2022-07-01 12:21:43 UTC
Last seen:	2024-04-10 12:00:17 UTC
UUID:	5e5395da-f938-11ec-9b75-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Amadey

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-07-02 06:10:53	7ae47a7166a0f7b242e9f1f6de261089ca6916143290173a813e13d38fec573b
2022-07-01 21:35:52	566525c61d64c378c99f59da573aa7712061bad58bbda3fb6b58842184e88f3a
2022-07-01 18:10:53	db596cb4ea302b1725931893b989d092e7339c136f5bb97d5ab24c4e3f361e73
2022-07-01 12:21:47	ab134dc417ab9e925dabf4f183d74379c5d7aa6b855a18f4e0f021c80bc95489