ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 185.159.80.90:38637.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-15 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	244238
IOC:	185.159.80.90:38637
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS14576 HOSTING-SOLUTIONS
Country:	US
First seen:	2021-11-05 15:40:57 UTC
Last seen:	2023-08-01 17:58:19 UTC
UUID:	c4db30c6-3e4e-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-11-06 14:45:19	4261e87d3e916e02dcf39dfe8ed50e51d30568a4e6627b5856686b0601e65781
2021-11-06 14:30:21	9f8bd178cc231cbb6fc80224146166894b8be33f6a72ae943a986eab29964615
2021-11-06 12:45:30	584d14587430f6fae5d9079a4a9b4a2c92de0dcc96cf171eeb583523e987c56c
2021-11-06 09:50:39	174e2cec27aa30a86233e67c4f7fbe5fb7f90a31b7e51425cca53c378bf93586
2021-11-06 08:15:41	f914e285b0b9ed8bc7907abf730e0c56bc212a05c35e0b83bbd721836828f2f0
2021-11-06 07:50:32	30132a44ceac4ce85fc91e4fc1a491806ef2e04e35503c617d468d10cfc339af
2021-11-06 07:35:35	78f400f53f37fa89473c7d58068e473ab9a41c97965fa1d1d6885564dac9e979
2021-11-05 15:41:00	eb4051d9395a8f7e8ae8dfa2cba858308b988ecfc6cb614ff8cacb11d5288e4b