ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 66.63.170.28:2404.

Database Entry


IOC ID: 1825811
IOC: 66.63.170.28:2404
IOC Type: ip:port
Threat Type: botnet_cc
Malware: Remcos
Malware alias: RemcosRAT, Remvio, Socmer
Confidence Level: Confidence level is elevated (75%)
Is compromised?: False
ASN: AS36352 AS-COLOCROSSING
Country: US
First seen: 2026-06-10 08:25:37 UTC
Last seen: never
UUID: f5a552bd-64a5-11f1-a345-42010aa4000a
Reporter: abuse_ch
Reward: 5 credits from ThreatFox
Tags: remcos
Reference: https://bazaar.abuse.ch/sample/0cda40984c73831b5181a9e9ec9e064bd62631436643d5644b49763b029ef131/

abuse_ch
remcos (aka RemcosRAT,Remvio,Socmer) botnet C2

Malware Samples


The table below lists recently observed malware samples associated with this indicator of compromise (IOC).

Time stamp (UTC)    SHA256 hash
2026-06-10 23:55:08 0fa25fe613da2ec00cd97ac83ccf8e5b510a423ff460be030d71cdc48befc06f
2026-06-10 20:10:08 8d59761d1e3dc3bfc1b43c5ed15dade7fd375b1d314313d483bf9ff76cd7af57
2026-06-10 16:40:11 0cda40984c73831b5181a9e9ec9e064bd62631436643d5644b49763b029ef131