ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://66.29.145.162/?Y8nalJQQXC4cNDqmmYx1iS34FS7RJj1IspTN8KE5.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-12 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	842154
IOC:	http://66.29.145.162/?Y8nalJQQXC4cNDqmmYx1iS34FS7RJj1IspTN8KE5
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
ASN:	AS22612 NAMECHEAP-NET
Country:	US
First seen:	2022-08-09 09:30:20 UTC
Last seen:	never
UUID:	e2f3c21f-17c5-11ed-b21e-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-08-10 04:25:12	724677a3bf74449c7823ef8d585a7727c246aaee1904e0b096c6b69f54d0674a
2022-08-09 17:15:21	073001badb9c5952f3fc2826cc888ca214fbfce2073909f7fab8c0c00501a761
2022-08-09 09:30:22	526112d33e03a7e75b6cec978555e948d8c41c77c81ab379363d084a942633ae