ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 185.132.134.148:55353.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	229068
IOC:	185.132.134.148:55353
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS49981 WorldStream
Country:	NL
First seen:	2021-09-30 21:26:16 UTC
Last seen:	2023-08-01 17:58:13 UTC
UUID:	0b63139d-2235-11ec-a35f-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-10-01 15:27:01	dd7cafe1ec74547073de35dbb26140cd504814e02f551e2ff45dd255df0418ee
2021-10-01 13:21:55	1f94c8c257ec14cab280e89a7ebd1a3b2befd02eb9388e2d0cdb083632f3a666
2021-10-01 08:31:44	938029b6b522bdd22cbba8cfb88a1d97d0fbc264d1d7a5ded22a4924a15e6161
2021-10-01 04:22:00	5498bdb1ff51c482495b0dc64b119fc1b1507dcae621b8b1ecc52b2261c60a75
2021-10-01 02:06:54	37b2718705e2cdcbe38e2e27173ba95467b68d45187a25e5bd8114b5b2c182aa
2021-10-01 01:21:47	a6a0c59a5f4c53ac5df74aae93d700cf287a370505d815b1bc26b006163d9bd7
2021-09-30 23:51:05	9120c76730e1b71cf6e3f7b9d0f87d18d14438c4517f3819c051f3d0f2ce2d77
2021-09-30 23:26:32	63301a39b93b63acab80e0a05b909f733d792c7ae829a0a207d2fa2e1498158f