ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://sempersim.su/gj4/fre.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-24 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	839487
IOC:	http://sempersim.su/gj4/fre.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
First seen:	2022-07-25 18:17:28 UTC
Last seen:	never
UUID:	0ae482c6-0c46-11ed-a116-42010aa4000a
Reporter	pr0xylife
Reward	5 credits from ThreatFox

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-07-26 07:27:06	566de8b087ea649b425ac340760d12e6c31de2a10f2329ebd1160aa7adf3ac69
2022-07-26 07:12:04	03cbd2e4a26c2482cd22f507d377c82b7497970f7bdb98b937e2f1267e13bc16
2022-07-26 06:37:32	9518e34e1af7c887f8f9cc19288f71c5436617add1043b10226ecbd0d0a5f080