ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 92.119.113.20:20871.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	226818
IOC:	92.119.113.20:20871
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS204601 PODAON
Country:	NL
First seen:	2021-09-26 17:26:13 UTC
Last seen:	2023-08-01 18:06:30 UTC
UUID:	d8d06844-1eee-11ec-b078-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-09-26 22:16:30	a4b51bd72dffd28ad3841217ffec9e43d21ee3c6f889be3ab760a4d24e7d58bc
2021-09-26 22:06:25	44f3c573b5d6d77d97c2ebf5d4a235da5aed3a18eb5b76ea420d262df0f3a826
2021-09-26 21:16:23	2b97860afd98dff5bed238e2a2ce25977b50ba5356333c502b8b1c61f8a73bec
2021-09-26 17:26:15	373c28b9c759d5421a44cd74989e8d625eacdd025d6372c280f848ac8c12ab12