ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 138.124.186.2:27999.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	226741
IOC:	138.124.186.2:27999
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS210512 IT-COMM
Country:	KZ
First seen:	2021-09-26 09:50:41 UTC
Last seen:	2023-08-01 17:56:52 UTC
UUID:	35f145f7-1eaf-11ec-b078-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-09-27 05:06:15	9b047c007e428da0cc6a5c01b143ac1f299133ae7509e88923c430f7ee8b3f27
2021-09-27 05:01:19	276380342eb4faec0de17976d00cd908666e6b2b74343fdcb984d6f2194099d6
2021-09-27 04:40:47	e32667f798148a1033335863662b7524016f70895a5c35eefca03d107e62476a
2021-09-26 23:36:04	11b4633345982ace9d710465450941598b2f9289f0438c358fa79eb8eaf680c3
2021-09-26 22:16:01	a4b51bd72dffd28ad3841217ffec9e43d21ee3c6f889be3ab760a4d24e7d58bc
2021-09-26 16:10:57	f6ede8409878ceb95b88f9cc7064b816568a0be6a933676709152de794173e1a
2021-09-26 15:40:59	c8c2f5565b13fbb60b89d11b7e71a03666c3afb2246b87e633cac8023bec0b24
2021-09-26 14:20:52	dff7a52513235d80ee44e0a38c1b9078787d0482af66646b4a84c43bc539e2b3
2021-09-26 14:01:02	fe182a93d10cf8b048cb1a72b07f80ded9f6e2e0177f74f2baf9f17ede242ee9
2021-09-26 11:10:50	92d3bcce6b0f038eeadea190ef6915090f843de525601fe4a61334cdab827bbf
2021-09-26 11:05:41	64cb3ce12c5cdfdf4e0dd3e9f0bcd9e43745ee83c3289a27c73f6c6f4243049c
2021-09-26 09:55:45	e539faa062b0aefbf32f84e2b757fc1e40b2f53eb1aad7fdf942e5b594e63915