ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 154.91.64.65:6666.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1742641
IOC: 154.91.64.65:6666
IOC Type :ip:port
Threat Type :botnet_cc
Malware: ValleyRAT
Malware alias:Winos
Confidence Level : Confidence level is high (100%)
Is compromised? : False
ASN:AS399077 TERAEXCH
Country:- US
First seen:2026-02-07 06:03:06 UTC
Last seen:2026-02-14 16:01:43 UTC
UUID:ab84d51e-03ea-11f1-a068-42010aa4000a
Reporter DonPasci
Reward 5 credits from ThreatFox
Tags:AS399077 c2 RAT triage ValleyRAT
Reference: https://tria.ge/260207-gkkbkaet3h

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)SHA256 hashBazaar
2026-02-08 14:55:06 718d8efde0ba4ba81ce3d1bf56a0e1a1acaace8f2dae94677473991b27276d91
2026-02-07 18:45:06 729c830b997d00d365ae4dadee5e26ce2a269df651c93a8337bde5084c66cc1a