ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 158.94.210.127:6991.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1738117
IOC: 158.94.210.127:6991
IOC Type :ip:port
Threat Type :botnet_cc
Malware: XWorm
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS202412 OMEGATECH-AS
Country:- GB
First seen:2026-01-28 01:40:34 UTC
Last seen:2026-02-13 07:02:46 UTC
UUID:56a3c34e-fbea-11f0-b7d0-42010aa4000a
Reporter abuse_ch
Reward 10 credits from Saber
10 credits from anonymous
Tags:XWorm
Reference: https://bazaar.abuse.ch/sample/8d950928f9492e19a346689b43c077047d1ca80211714ab9adebd300f8bd1c11/

Avatar
abuse_ch
xworm botnet C2