ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 103.112.99.226:443.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1683835
IOC: 103.112.99.226:443
IOC Type :ip:port
Threat Type :botnet_cc
Malware: ValleyRAT
Malware alias:Winos
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS400619 AROSS-AS
Country:- US
First seen:2025-12-20 14:40:06 UTC
Last seen:never
UUID:c712da56-ddb1-11f0-9957-42010aa4000a
Reporter abuse_ch
Reward 10 credits from netresec
Tags:RAT ValleyRAT

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2025-12-20 19:10:10 28328eaaa8995f20f7160ba23e29a14d7e60f2614e4f27f889123f754d7626ab
2025-12-20 19:05:11 23340d57977fa31fd6baec51dc9d42b9f791f3387df32b0095613dcff8501f2d
2025-12-20 19:05:11 930fd881cec8867db13d789dd138441cdf2df2a05df8804baa93c267b5934940
2025-12-20 14:40:09 ba17c774a3402a5188b2cdc0c2b0a7c3514294d2162960af9d2a5f6cdf02d89f
2025-12-20 14:40:09 35d221d282a772437c17e374f666dab1423d7af7377f9300baf3612db23874e4