ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://176.65.139.43/lessram.pl.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1817612
IOC: http://176.65.139.43/lessram.pl
IOC Type :url
Threat Type :payload_delivery
Malware: Unknown malware
Confidence Level : Confidence level is high (85%)
Is compromised? : False
ASN:AS214472 STORMINDUSTRIES
Country:- LU
First seen:2026-05-23 14:54:05 UTC
Last seen:never
UUID:4a8eda0d-5686-11f1-b930-42010aa4000a
Reporter nullblue67
Reward 5 credits from ThreatFox
Tags:backdoor Bashlite perl Perlbot Shellbot

Avatar
nullblue67
PerlBot/Shellbot lessram.pl variant (low-memory target). Host IP already in TF as Bashlite+PerlBot.