ThreatFox IOC Database
You are viewing the ThreatFox database entry for ip:port 92.118.235.112:3004.
Database Entry
| IOC ID: | 1590459 |
|---|---|
| IOC: | 92.118.235.112:3004 |
| IOC Type : | ip:port |
| Threat Type : | botnet_cc |
| Malware: | XWorm |
| Confidence Level : | Confidence level is elevated (75%) |
| ASN: | AS153393 RACKVOLT-AS-AP |
| First seen: | 2025-09-15 05:40:55 UTC |
| Last seen: | 2025-09-17 10:27:45 UTC |
| UUID: | 8c7fa6d2-91f6-11f0-bfa6-42010aa4000a |
| Reporter |  abuse_ch |
| Reward |
50 credits from anonymous 10 credits from netresec 10 credits from akanine1337 10 credits from Saber |
| Tags: | XWorm |
| Reference: | https://bazaar.abuse.ch/sample/ca9930f9537efeb6b704634f528df22dd857a71fcc060308d73ee2ed1a5d8d3a/ |
Malware Samples
The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).
| Time stamp (UTC) | SHA256 hash | Bazaar |
|---|---|---|
| 2025-09-15 14:55:37 | cc9c97df5ee39250db09b1255781a5c6bd02a441a4ee24c3613bc6b863c01c04 |