ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 65.108.21.21:18653.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-13 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	241085
IOC:	65.108.21.21:18653
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS24940 HETZNER-AS
Country:	DE
First seen:	2021-11-01 10:15:21 UTC
Last seen:	never
UUID:	9f37e26d-3afc-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-11-01 10:15:46	ba06b55744c6495969b54d230e367a23cec295035c77aea83c3f97a482e00906
2021-11-01 10:15:43	acca11a2d0fc746a66b352eec2ebe5f4b48abd4d37f6ff433199f627312c65a0
2021-11-01 10:15:40	d550e81d0b0430f78b295dd361d1456974922e5018d7ac7886978acadf2f6364
2021-11-01 10:15:37	c92f37cd8929daa646fa12aa70a933d5ecb625e455c332d2b5665d58083c1d80
2021-11-01 10:15:34	a706b4a7c2d2a38b2a417f05c34fc5585fc89e31b9ce50438673832a40583967
2021-11-01 10:15:31	ffaa1ef0eb9c2a6d046d0be63ac5eb84ff761cabffd9902525f8a77dc9236908
2021-11-01 10:15:28	930859954b0a6533d743f65246a5d2972eda2c8ac36af801233f530dc27fee77
2021-11-01 10:15:25	39780c4b8ee43052a5da080b4599292b8c5751ddee6c9842037b276b4cb1cea2