ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://a0694489.xsph.ru/Vmjavascriptapitraffictest.php.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:814174
IOC: http://a0694489.xsph.ru/Vmjavascriptapitraffictest.php
IOC Type :url
Threat Type :botnet_cc
Malware: DCRat
Malware alias:DarkCrystal RAT
Confidence Level : Confidence level is high (100%)
ASN:AS35278 SPRINTHOST
Country:- RU
First seen:2022-07-07 17:45:21 UTC
Last seen:never
UUID:92ba6435-fe1c-11ec-b8ab-42010aa4000a
Reporter abuse_ch
Reward 5 credits from ThreatFox
Tags:dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2022-07-08 07:30:33 6ae8a6ee77cb35434d3ca3e2d9bbeaba01d5824737f2fa44a177c2db0f8215a4
2022-07-07 17:45:22 10de5bf00f1f04a0b612e14a44f37554e66db6930e29fe25dde9687431e64b0a
2022-07-07 17:45:22 e1864ab06b7d25bd46cea006612703a679e11956870c385ee9d8279cf08dd63c