ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 185.140.53.130:6642.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-18 01:15:02 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	227067
IOC:	185.140.53.130:6642
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	Remcos
Malware alias:	RemcosRAT, Remvio, Socmer
Confidence Level :	Confidence level is high (100%)
ASN:	AS152586 KUROIT-AS-AP
Country:	GB
First seen:	2021-09-27 13:52:37 UTC
Last seen:	never
UUID:	2c5d5ba2-1f9a-11ec-b078-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RAT RemcosRAT

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-09-27 14:17:55	5032fd3fd02f8b279c106fd0796d65d1451ff03b3bb83449241a6e3fd4a0126b
2021-09-27 14:12:18	3be00040e51cd821bbdf73024cfc37f441ba985017128ff832391022988433d9
2021-09-27 14:07:07	c6ed4917512a2d3ec0290fb2dab92dfabd7e5e898f0deea9738dac05bb153d35
2021-09-27 14:02:46	e2bf9e2c787866d86fc1ae939c378f7d22fab268a00ae163fff1b79332df2088
2021-09-27 13:57:41	b8ff5642173ea1664b856f47468ebf4778be3154b7b0a6bfa6a0950f51973c69
2021-09-27 13:57:40	18e7778ca7011e78b0c8bcf8e4c72d7c7ee26bbe4ea30d4003c799cb5740fa40
2021-09-27 13:57:38	d4bd7d642e2ddcab2e7e6990d7e41b50826bb0354531b42926ba989cb3109880
2021-09-27 13:52:39	bd57352d9ece91a5b500a1172723466691cfa51081ceb792d42f46176231d6da