ThreatFox IOC Database
You are viewing the ThreatFox database entry for ip:port 213.209.150.111:24680.
Database Entry
| IOC ID: | 1571990 |
|---|---|
| IOC: | 213.209.150.111:24680 |
| IOC Type : | ip:port |
| Threat Type : | botnet_cc |
| Malware: | XWorm |
| Confidence Level : | Confidence level is elevated (75%) |
| Is compromised? : | False |
| ASN: | AS214943 RAILNET |
| Country: |  US |
| First seen: | 2025-08-21 07:21:06 UTC |
| Last seen: | 2025-09-13 11:43:49 UTC |
| UUID: | 66cc4544-7e5f-11f0-bfa6-42010aa4000a |
| Reporter |  abuse_ch |
| Reward |
50 credits from anonymous 10 credits from 01Xyris 50 credits from anonymous 10 credits from netresec 10 credits from akanine1337 10 credits from Saber |
| Tags: | XWorm |
| Reference: | https://bazaar.abuse.ch/sample/8dacb47c69a35a199894f29a981969a46029c9256610ac3045c624959839aaf0/ |
Malware Samples
The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).
| Time stamp (UTC) | SHA256 hash | Bazaar |
|---|---|---|
| 2025-08-23 16:55:28 | f082791d3a71054e2becd94d68323ff2cbe2e597d94fc6135a3a8b524a179e4e |