ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 185.92.74.142:80.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	227056
IOC:	185.92.74.142:80
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS200904 FOXCLOUD
Country:	RU
First seen:	2021-09-27 13:42:32 UTC
Last seen:	2023-08-01 17:59:20 UTC
UUID:	c4417b7c-1f98-11ec-b078-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-09-28 12:35:20	2ae6703e19002c43074774727b96a0de197208bef65f33b52272ea5327cb586d
2021-09-28 05:47:23	0944d8cdfc8e2b3e47bc92d3541555595973f894a0d52bf1a5f55ca6e07d9d76
2021-09-28 05:36:53	2b523dcf37ede2914d3642c04abc3c336bf89fd0590a393fd11f28985e267720
2021-09-28 05:31:43	100e3672cb4a3eae829997569319617902e68ab0896dd65bff4d8ab445917876
2021-09-28 05:16:51	0652c9175a86e4089ae3370daf85e588d28d8f23ed7a17479841504c67357ab9
2021-09-28 03:36:28	9d029e5ccfaca560c5cf6bff97f28a4f5e7baaa96c2e5d9e4779beaf4b3e4bc6
2021-09-27 17:27:48	d0426ed95048ec08395edddaaa1d3ccc7a3f769d4324195e1f075b16f462a4c6
2021-09-27 15:37:39	25d08c4963813d33d518d48f357079ccc6ddc28516cbcab1838efc2f55ed712b
2021-09-27 15:32:03	ccbded51600db440d54831ff724cf0e988220da4cd069244ade361c959b8c852
2021-09-27 13:52:32	26e2162f3b45c16da421b18e0a1163c9e2900c250a796bb535435e63e7562e70