ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 142.11.206.73:8000.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1782478
IOC: 142.11.206.73:8000
IOC Type :ip:port
Threat Type :botnet_cc
Malware: WAVESHAPER
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS54290 HOSTWINDS
Country:- US
First seen:2026-04-08 06:42:35 UTC
Last seen:never
UUID:b54be0d5-32c4-11f1-9af6-42010aa4000a
Reporter Lenny_3BO
Reward 5 credits from ThreatFox
Tags:Lazarus UNC1069 WAVESHAPER
Reference: https://cloud.google.com/blog/topics/threat-intelligence/unc1069-targets-cryptocurrency-ai-social-engineering

Avatar
Lenny_3BO
WAVESHAPER C2 node -- UNC1069/Lazarus. Port 8000 observed in prior ContagiousDrop IOC on same host (TF 1780228). Likely dual-use infrastructure.