ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 41.216.188.90:8081.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1734939
IOC: 41.216.188.90:8081
IOC Type :ip:port
Threat Type :botnet_cc
Malware: Quasar RAT
Malware alias:CinaRAT, QuasarRAT, Yggdrasil
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS30823 AUROLOGIC
Country:- DE
First seen:2026-01-20 20:31:47 UTC
Last seen:2026-01-22 04:04:38 UTC
UUID:0adc0122-f63f-11f0-9957-42010aa4000a
Reporter abuse_ch
Reward 5 credits from ThreatFox
Tags:quasar
Reference: https://bazaar.abuse.ch/sample/600aec4cd43b2c8aa807cb284744d776d6721ae7283b3209202e027a369d91b9/

Avatar
abuse_ch
quasar (aka CinaRAT,QuasarRAT,Yggdrasil) botnet C2

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2026-01-21 14:40:11 f9849d69b4330bca9caab82a85036852a97c402e8708490a107a8acd8a51df47
2026-01-21 12:35:13 e41b36b6d92fc760256888c8cf9de47a28d79e8f3f8713b4ad1596d53d09f492
2026-01-20 21:45:08 ffb58a5c749050a7b71297e0dbb159c8949bc9fdc2ee34d3b6e051b86dcabd13