ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 91.245.253.52:38439.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	229690
IOC:	91.245.253.52:38439
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS9009 M247
Country:	RO
First seen:	2021-10-02 09:31:18 UTC
Last seen:	2023-08-01 18:06:29 UTC
UUID:	7f54c6cf-2363-11ec-a35f-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-10-03 07:35:18	cd5fe26fcc5833050f6371baff7fae45070cdf8b03b7fd5f082b1c21cd42a2dc
2021-10-03 07:30:16	f769ea780719b11d09e16871d67e56a70626969507b9c638603f63ab37f6c3a8
2021-10-03 07:15:17	44598f05340aa61c367f4c1f43708fb90a34ad5e82807329655b797b17078dd8
2021-10-03 07:10:13	31bf335883616edf928e0a4a6ba9a4efba77afe243ec81a42c65f25ada8c9784
2021-10-03 06:45:19	a19c6c6ababd9decea2b6b842586a9e17b55554924a0e9a29f8abb7bd7b4980e
2021-10-03 06:45:17	ba4d16c9ab70e69152e0c693a6a3aa5c3dcd26129e5a13b9dcb6645ff9940283
2021-10-03 06:45:15	b5dbd687e03ca05e79cc90bb069df6fad6c379b99fca6e0366934a690322bfad
2021-10-03 06:00:18	e0b642c24bbaa80348a1a52973bdf57a8b92762fd61df82ca3f175a091495524
2021-10-02 12:10:52	8e71aba333f1bb1abeae3c00e88cdb0360fe6aea8719994a9601b716492fa301
2021-10-02 11:01:15	f7f6c6651d65b0cb84634ef2e2ca985392d41d79dfd18180544d02c07fcc91bb
2021-10-02 10:40:52	fab15b7f61f816cf3128cc02c96d98d3385533087bc5afe3cd3799e7e034ce7f
2021-10-02 09:46:05	1ddd374b5dab71ded0cd75106c706994ceaebc0070033c58c48fe7005ba3ab5d