ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 156.244.44.239:54780.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2026-06-06 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1590753
IOC:	156.244.44.239:54780
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	Bashlite
Malware alias:	gayfgt, Gafgyt, qbot, torlus, lizkebab
Confidence Level :	Confidence level is high (100%)
Is compromised? :	False
ASN:	AS138915 KAOPU-HK
Country:	CN
First seen:	2025-09-16 06:49:03 UTC
Last seen:	never
UUID:	af88be7b-9279-11f0-bfa6-42010aa4000a
Reporter	Anonymous
Reward	5 credits from ThreatFox
Tags:	c2 DDoS Gafgyt trojan

Anonymous

97972e672140c19ec8e8e3473a757d543ee6360780da6e6cd8327a19c857d340
090685d700c4f990e0e4049eb0ab602b386e10313799468ba8450748e9b364fb
8438a02e19612d81171a5dd6681dc6816cf841cad31eb4b826e172da2014a6c2
0b23109a5278b7f8aec32b44e4c233f35271b5b09dc1d1dcf93a42ffa0ae2d51
c99284b189ad50ea184e8080f9d1e2a6e2865398eeaae7e3efb5c9afcf9fcfa2
4ee932ad9e97fb8feb7d09baf47058bb0b7e3082b6791ee926b3b83a0ec853fc
c65f83f95df4cb8b8be9bc23820c7d426027973c3f8e49b5ee3f76917d5364d1
bba1677aec264e520eb580b5b8a435d9834cad10efe221298bc850f445f69252
09ed359c22b9770c4adc28f4f267b37fc80a971998b70cb951378e2d7da61468
eaaed6f12dca54b40d74e2d015663c478b1e6b47aa21c41a067c9829997c3fc0
773e18428e608c8f34ddb076d6c2cd30d862d631c9ebbeb513917c97ec994119
282e078a9401e60a10845745a952582d89a0724c3861797a6f3467daf7d7fa09
9198cb65b1be69dfeb1930b1e11b0173a96fc9fad15dbe8d519002292870d329
97972e672140c19ec8e8e3473a757d543ee6360780da6e6cd8327a19c857d340
6e7263084153c16cefab749f55f10b1fdd2ad3b65d59423b75225d866ed0e1a8

use opennic domains with TXT encoded/encrypted records

mineplex.libre
lin.libre