ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://tixfilmz.tk/PWS/fre.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-26 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	839431
IOC:	http://tixfilmz.tk/PWS/fre.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
First seen:	2022-07-25 10:26:31 UTC
Last seen:	never
UUID:	40410421-0c04-11ed-bf78-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-07-26 08:40:08	734fb6cefe68c150be6e9b31283606c47be648dfa3164d3e2e9d1d6a5680d4bb
2022-07-26 06:30:23	bd604e71251c7483847289aa48805e49752d13cf1972b1519c7662933eab9c7e
2022-07-25 13:17:24	9a5c50fbad3b28500e887c9a2a1ce396629327dee278aa0a213b24a1994d3638
2022-07-25 10:26:32	f76df260cc9735210bf54f956946104f39e43390abf5efb97d5b35877c39c9c2