ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 104.225.129.77:80.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1783819
IOC: 104.225.129.77:80
IOC Type :ip:port
Threat Type :payload_delivery
Malware: SmartApeSG
Malware alias:HANEYMANEY, ZPHP
Confidence Level : Confidence level is elevated (75%)
Is compromised? : False
ASN:AS395092 SHOCK-1
Country:- US
First seen:2026-04-11 07:06:40 UTC
Last seen:never
UUID:23c18372-34dd-11f1-9af6-42010aa4000a
Reporter Lenny_3BO
Reward 5 credits from ThreatFox
Tags:ClickFix powershell SmartApeSG

Avatar
Lenny_3BO
Stage 1 server. Serves PS loader only to PowerShell IRM User-Agent. Spawns hidden powershell to fetch stage 2 from 208.123.119.156 (qxazzilo.top). Apache/2.4.58 Ubuntu. Shock Hosting LLC AS395092.