ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 193.111.117.146:6002.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1572347
IOC: 193.111.117.146:6002
IOC Type :ip:port
Threat Type :botnet_cc
Malware: XWorm
Confidence Level : Confidence level is high (100%)
ASN:AS207043 DEDIK-IO
First seen:2025-08-21 18:00:21 UTC
Last seen:2025-09-13 11:43:49 UTC
UUID:b4afac07-7eb8-11f0-bfa6-42010aa4000a
Reporter DonPasci
Reward 50 credits from anonymous
10 credits from 01Xyris
50 credits from anonymous
10 credits from netresec
10 credits from akanine1337
10 credits from Saber
Tags:AS834 c2 triage XWorm
Reference: https://tria.ge/250821-wffj5svxct

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-08-21 19:20:22 3b6c1e8c7c6ad7b072342cca9f60c4c0b533c883c49c75c39aaee41bddca9b57
2025-08-21 18:50:21 e681a8066c6644a7e8837c5fbeb732503a74a7962f060f9a2ea7d61549f5c414