ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 20.6.131.45:443.

Database Entry


IOC ID: 1646749
IOC: 20.6.131.45:443
IOC Type: ip:port
Threat Type: botnet_cc
Malware: ValleyRAT
Malware alias: Winos
Confidence Level: Confidence level is high (100%)
ASN: AS8075 MICROSOFT-CORP-MSN-AS-BLOCK
Country: US
First seen: 2025-11-19 16:35:07 UTC
Last seen: never
UUID: b5bf071d-c565-11f0-ad21-42010aa4000a
Reporter: abuse_ch
Reward: 10 credits from netresec
Tags: RAT ValleyRAT

Malware Samples


The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)    SHA256 hash
2025-11-20 13:15:13 1c88f34e755b2e9cc5766f2787b49ce2223d2a26487738869a8ba05d0e909d38
2025-11-20 13:15:11 899cb424a250e13191b2d85de9a380c9a2e1ce316c4f46ad0db88d46a01aa8ab
2025-11-20 13:15:08 d024dbffa51bbb2f85ab478587a9971c3fdc88fae07f09abe37f1225be4fe0bd
2025-11-19 16:35:11 2bf34084c3f30c08e816e8e28033f3d59d62dfdbc586673f177396d379dce8d2