ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://83.220.168.32/BasePipeRequest/Linux/2track/pipesecurewindowsDownloads.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-13 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	865947
IOC:	http://83.220.168.32/BasePipeRequest/Linux/2track/pipesecurewindowsDownloads.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS29182 RU-JSCIOT
Country:	RU
First seen:	2022-10-01 19:50:46 UTC
Last seen:	never
UUID:	575545d9-41c2-11ed-80c0-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-10-02 17:20:16	12f4c2993ffa3dce4a1a997045fe7a39e63b910ac5452959845fc42e87c429cf
2022-10-02 16:10:19	4139dc5ea64ae693feff804f9c0fb452ebec30752b00725aceb394d699d3e674
2022-10-02 14:16:03	7b2d5c7b5c7ebc7f547c5b92d5b35429551fb6b3ca7860b5cf6dc992925d4590
2022-10-02 13:25:21	d3d22069ba40690558c6bd0f74b93423bcf1ca453175ff4382274c8f8ff5693c
2022-10-02 06:30:32	c33f134f0ab3f44d772304d62d8a8ebcfe907261eb5cfbdaeb0f4cb8680cfa5a
2022-10-02 05:55:49	99cb3e6404b5415de7a6300f1ad678fe95b0027ea7ebd04d005489172afbad85
2022-10-02 02:30:35	d6e59815c0f787f63a9a47677b12a225e719b8779db8265f10673d0bb991b5f9
2022-10-02 00:25:30	58632a78f9a4c8286797ccfc8aa291bc8f327ee9d9953fa8253f209f7f43e524
2022-10-01 23:16:08	070f16914a04346c2e03fefb34ed1afd9020a75b53fe79b9100b432dc64119ec
2022-10-01 21:20:44	8b1bec76483f000ef30a2f41cbd718d428a40287ca4c2f12191e963b9690fe19
2022-10-01 21:10:44	746f7b35df249758c5e4a7ac883d44189b60e3ad0bb3936400ebe9fe5789fc2f
2022-10-01 19:56:01	619d633f079e586e2795677282d190b1d7cffc649a1cd0d3161b42e7d28be668