ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 150.241.94.112:80.

Database Entry


IOC ID: 1771245
IOC: 150.241.94.112:80
IOC Type: ip:port
Threat Type: payload_delivery
Malware: ClearFake
Confidence Level: Confidence level is high (100%)
Is compromised?: False
ASN: AS215439 PLAY2GO-NET
Country: RU
First seen: 2026-03-19 06:25:28 UTC
Last seen: never
UUID: 03b45482-2349-11f1-9af6-42010aa4000a
Reporter: Lenny_3BO
Reward: 5 credits from ThreatFox
Tags: ClearFake Fragtor staging WebDav

Lenny_3BO
ClearFake WebDAV staging server. Open directory serves Fragtor DLL as verification.google (1.86MB PE). Fabricated ntdll exports, Haskell/Erlang padding, .pdata2/.tls2 encrypted sections. Aeza International (AS210644 Frankfurt).