ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 185.180.231.69:42875.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	192572
IOC:	185.180.231.69:42875
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS204997 FIRSTBYTE-AS
Country:	RU
First seen:	2021-08-22 00:55:58 UTC
Last seen:	2023-08-01 17:58:28 UTC
UUID:	b6ae3abf-02e3-11ec-830d-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-08-22 21:20:30	ca12d3f00e654a8c51e15c6eaed8330721e48f398f877fc0ed68a983d3191a37
2021-08-22 17:10:33	7e92233d9ad854b672068825a64c442ed8e6f4f283729c874296278e235d7241
2021-08-22 16:45:31	b86047d5aea4bef1ca9cb118c8aa98d33d3bfcfa51486b3add9cf90826bff376
2021-08-22 14:15:29	3d7ba99d7b360819146cd6223b2d668e8b1a661023f5b36932860bc84271eecd
2021-08-22 12:30:37	79cfa9dd85705b7c3453ca1959f6a3edd2d3b7ca63f894b01b3214d7d74c76a6
2021-08-22 11:55:31	be76d8099188dcd24930e143e92a6c0d0f0e8c55de5dc4c17faec4669ff39802
2021-08-22 10:40:37	1c74706b3f7dc817e51a166a5e41e55383347e1080a3b2aa41b9f6dd87d63040
2021-08-22 04:25:34	6537dc51442beed86b6cf785a5f3f5525aa9bebb25cadd3f38399797adf14259
2021-08-22 01:06:02	68ad365201a3ead170378c56327e94be9eb337fda3487dac317981e843cf7eec