ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 84.38.189.175:18214.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-12 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	237935
IOC:	84.38.189.175:18214
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS49505 SELECTEL
Country:	RU
First seen:	2021-10-26 22:01:05 UTC
Last seen:	2023-08-01 18:05:35 UTC
UUID:	37a42031-36a8-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-10-27 01:31:17	f25d7dae55dc8c848e9fed3f218f886f4ca4412e5b94ae882c846c9b52a14046
2021-10-27 01:26:21	7e52d4da15fe2a58de032652081f0875c6edb3259033a50acccd288d3aa3d8dc
2021-10-27 01:21:16	06d07f69cdae6332477465591c3d1a7ea1e694660339e1afe08796f10c999a93
2021-10-27 01:11:13	305ebe159194fb04b8277b88250e2c184637d3130b1afa1d48fa6917c4f965ff
2021-10-27 01:11:10	4f153e6ce78056f92411d5ef40fd99926f4f0130b3050136307ed8d4e9276130
2021-10-27 00:01:26	c6498d4425f32bb7027530a8f717b3374a2fc968f5f6f804ce17626644e17133
2021-10-26 23:01:13	b6caee45c87c15b789975b63f5ee6edfb1be6c7ef8c5854c2decdfe501797fc0
2021-10-26 23:01:12	b64ab676ffe01925adc506eebcc62f6edc901e017c339af5d90f6d64292e9822
2021-10-26 22:06:09	f29a3cecd0efa7f1f0c45c8572048c942090dcebdd968b9fcf4cce4380c01824