ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 51.68.244.175:1605.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1582183
IOC: 51.68.244.175:1605
IOC Type :ip:port
Threat Type :botnet_cc
Malware: Nanocore RAT
Malware alias:Nancrat, NanoCore
Confidence Level : Confidence level is elevated (75%)
ASN:AS16276 OVH
Country:- FR
First seen:2025-09-05 04:11:26 UTC
Last seen:2025-09-13 11:44:06 UTC
UUID:643ff464-8a0e-11f0-bfa6-42010aa4000a
Reporter abuse_ch
Reward 5 credits from ThreatFox
Tags:NanoCore
Reference: https://bazaar.abuse.ch/sample/ee5c5ba42032ee6a64f4fe4e3bf490c96275a6e4f7f53299286357f5c0adbed9/

Avatar
abuse_ch
nanocore (aka Nancrat,NanoCore) botnet C2

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-09-05 15:50:14 4b21f1e31ffadc5abe05030450d8dddc6375b86435b4408b6b816d33963631b0
2025-09-05 12:10:44 5f7a4e0cc9f7ff68d7ce55c83e6e0690570a107387e63a5da59471971d8a3aeb
2025-09-05 09:05:11 a26b584f55654d8a4a47744fdcdc01d19f86bfabf4bcb0f2305700d1600758ab
2025-09-05 06:55:07 ee5c5ba42032ee6a64f4fe4e3bf490c96275a6e4f7f53299286357f5c0adbed9
2025-09-05 06:45:09 8444a4843eae3e67f6c5803b61bdae3e9e6312d6d7375dda0631efff88f28e46
2025-09-05 06:25:11 6e0b04fbb5e05635c097cbecd9426e967c9ce1a79b1d60f0e6526048efc7da91
2025-09-05 06:25:08 be9dd4f3f02b114a25b98bacf4c04b1ac917a53831146418d929772286728602