ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://162.0.223.13/?08fequikdahgueq78uc.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-26 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	870778
IOC:	http://162.0.223.13/?08fequikdahgueq78uc
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Loki Password Stealer (PWS)
Malware alias:	Burkina, Loki, LokiBot, LokiPWS
Confidence Level :	Confidence level is high (100%)
ASN:	AS22612 NAMECHEAP-NET
Country:	US
First seen:	2022-10-05 06:10:33 UTC
Last seen:	never
UUID:	6bc0e4c8-4474-11ed-80c0-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	Loki

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-10-06 05:20:10	86872882a1df4af709b5a75bade82d33754df38e07fdf50311c93d7b8ca055cc
2022-10-05 15:06:23	74e53af9391a576f9ab4cc6182f51514946d4e7c41db02ea8927c6f5bb0ca54d
2022-10-05 11:00:33	eccc473ca1398efe9c95c25fba6b3d03d4c959bc27635b5fd252528e1bc5bd6f
2022-10-05 06:15:50	6107d46d911270a0dff4638eb37be034995cf887f633b24a254ce2f642564fbf