ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 196.251.88.52:66.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1562047
IOC: 196.251.88.52:66
IOC Type :ip:port
Threat Type :botnet_cc
Malware: XWorm
Confidence Level : Confidence level is high (100%)
ASN:AS401120 CHEAPY-HOST
Country:- US
First seen:2025-07-29 15:05:59 UTC
Last seen:never
UUID:88e0a1ca-6c8d-11f0-851c-42010aa4000a
Reporter abuse_ch
Reward 50 credits from anonymous
10 credits from 01Xyris
50 credits from anonymous
10 credits from netresec
Tags:XWorm

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-07-29 17:25:38 03ee33e361fac2cdfb9bf45bbaa5c7872f5fcb632867ca73b12bbfa982b4df4c
2025-07-29 15:06:36 ae8af7d5410097b8a33ff22a32338239dc0ed237b83f8fa17e11c5f6f1a0bec1
2025-07-29 15:06:34 b638779c533c1747e87786626980d2a8d41e7374ed640b62d052c784a71beb85
2025-07-29 15:06:32 20634fad3901fa98804c0c77989bb96576e851a1dded0b609cad2de41edb342e
2025-07-29 15:06:31 83e387387a33e2ed0ca78f23a9e20e18ee6b5491d7f548463608bd360a467c5b
2025-07-29 15:06:01 fce42dbbd8155dd05d3333fcc37b8c64183b6f2541f821f52433b8d790773775