ThreatFox IOC Database
You are viewing the ThreatFox database entry for url http://45.42.201.248.
Database Entry
This IOC expired
This IOC is old and expired on 2026-06-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.
| IOC ID: | 226702 |
|---|---|
| IOC: | http://45.42.201.248 |
| IOC Type: | url |
| Threat Type: | botnet_cc |
| Malware: | solarmarker |
| Malware alias: | Jupyter, Polazert, Yellow Cockatoo |
| Confidence Level: | Confidence level is high (100%) |
| Is compromised?: | False |
| ASN: | AS40676 AS40676 |
| Country: | US |
| First seen: | 2021-09-26 03:02:21 UTC |
| Last seen: | never |
| UUID: | 2afcfc96-1e76-11ec-b078-42010aa4000a |
| Reporter | |
| Reward | 5 credits from ThreatFox |
| Tags: | Jupyter Polazert SolarMarker Yellow Cockatoo |
| Reference: | https://tria.ge/210917-qszkwsafan |
AndreGironda
$a = { 06 15 2e 0d 07 15 2e 09 08 15 fe 01 16 fe 01 2b 01 16 00 13 04 11 04 2d 05 1f 3f 0d 2b 15 06 07 }
ed4c664db0d2e4251da2ebb0d1fef884ca4bfb77c4c616595f59f211602b4425 4bc4e818-0480-455d-bc54-735b394a52ba.dll
cb1d73323d3d80004ada185844b0d461abd9ded736d5dc690607f935b4f2b58a MSIF4CF.exe