ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 8.149.137.211:1145.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1578302
IOC: 8.149.137.211:1145
IOC Type :ip:port
Threat Type :botnet_cc
Malware: ValleyRAT
Malware alias:Winos
Confidence Level : Confidence level is high (100%)
ASN:AS37963 ALIBABA-CN-NET
Country:- CN
First seen:2025-08-30 18:01:18 UTC
Last seen:never
UUID:5462f8ec-85cb-11f0-bfa6-42010aa4000a
Reporter DonPasci
Reward 5 credits from ThreatFox
Tags:AS37963 c2 RAT triage ValleyRAT
Reference: https://tria.ge/250830-rcf92svls2

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-08-31 01:30:23 d64ba1b8c36f92af1597cff997176a7029eb45063e80e721d73a931a686889f9
2025-08-30 21:55:19 c8e8d9c72b572aa237d3fbbca03b8ea20c9c01a747262c4266fbb86e5db46589