ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 45.153.186.215:8080.

Database Entry


IOC ID: 1771198
IOC: 45.153.186.215:8080
IOC Type: ip:port
Threat Type: botnet_cc
Malware: Chaos
Confidence Level: Confidence level is elevated (75%)
Is compromised?: False
ASN: AS202448 mvps
Country: US
First seen: 2026-03-19 06:25:03 UTC
Last seen: never
UUID: 532dc491-2335-11f1-9af6-42010aa4000a
Reporter: Lenny_3BO
Reward: 5 credits from ThreatFox
Tags: c2 CHAOS FakeAppleTLS iran
Reference: https://search.censys.io/hosts/45.153.186.237

Lenny_3BO
Chaos RAT infrastructure on MVPS LTD (AS202448). WebSocket C2 tunnels on .215:8080/8081 (confirmed 101 upgrade). Fake Apple TLS cert on 95.169.204.198 (CN=www.apple.com, spoofed AkamaiGHost). Co-located with Smite v0.1.7 tunnel panel. Iran-nexus operator (Persian UI, Tehran DC node at 87.107.172.129).