ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://81888.cllt.nyashteam.ru/nyashsupport.php.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-11 01:15:02 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	888387
IOC:	http://81888.cllt.nyashteam.ru/nyashsupport.php
IOC Type :	url
Threat Type :	botnet_cc
Malware:	DCRat
Malware alias:	DarkCrystal RAT
Confidence Level :	Confidence level is high (100%)
ASN:	AS13335 CLOUDFLARENET
Country:	US
First seen:	2022-10-14 16:10:57 UTC
Last seen:	never
UUID:	c99a1d34-4bda-11ed-bc10-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	dcrat

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-10-15 12:50:22	8fb6ada4913777c02d68c945590916490da636dd5970542be792737e32a2a64a
2022-10-15 11:37:17	95b1a76fab69f6b786489fdfad350b7165fba55ff478769be1a09d8e2987ddc0
2022-10-15 08:36:21	6bdcafe45540c9492882c077ad121ff6abc704eb2e547aa776de18da65a51ef4
2022-10-15 08:21:11	1a93d204cd4bf9b77434af18be074c47ad7fcebdd109ecc87f77d6b78a9ff2b3
2022-10-15 04:51:13	8cf64f5d90065639f894f78a334386f75ffe99f8c41b05b2f03cf0a5438b9276
2022-10-14 23:25:53	9f487d16cd0e0548b6bde75853d0cfcd4eb9362f61d101ce55740781e3e04b2d
2022-10-14 19:40:46	4faa19632922332b8aedd25006c9c3349bcb9f2bf24bf116857258a7769efbf0
2022-10-14 19:06:56	98a6de25f542afaee3621feaf905566e3a5f60c99c5e1c051de2046cd803fb06
2022-10-14 16:30:50	350154b0e3a6b19a71850f3aa2c6ae51e416332e904b4bdd219617a9e0d167e2