ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 135.125.40.67:49126.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	244769
IOC:	135.125.40.67:49126
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS16276 OVH
Country:	FR
First seen:	2021-11-06 19:51:11 UTC
Last seen:	2023-08-01 17:56:35 UTC
UUID:	e43f96db-3f3a-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-11-07 16:25:45	ca4615a50dc5adad955daa48f4f2f83942719b55c293ebcff2f3911d97d2b062
2021-11-07 16:25:44	e7445d94c0f0e7f824a10a4eeb62ac26de23c8ab9355fa9bfc812bb26e93f0a3
2021-11-07 16:00:56	9aecf38b3ed3ecf1f26c556621fe314493909670ec6e408c59da665569248231
2021-11-07 15:35:36	2fa81f4a4c64e5595c5d538062b4e8435e10fccd9f81b73c6ddf752b9ace38af
2021-11-07 15:25:41	40b99287968196254dbb61673a964aef74e045a505d4b7b0a8354bb55c0270b8
2021-11-07 15:20:37	911d5864defca0256364a90ed1385c7006cfa4c4489eea555f8b78316abc7517
2021-11-07 15:05:38	13f344f4992df083cf861660d307f8909843db355215b102238b79b903edd70a
2021-11-07 14:50:30	24d0c8c617d6c6237022c5d2d064c1ef06a8b95a48856cb61065a37f6eea8a6e
2021-11-07 14:10:39	0233460124434610cbd87df8f414d4854970d5e840fd4f6547a781f4e8fbe123
2021-11-07 10:35:49	0f7c21c570188bc2efcbc856ffc79c11545550ca04b0af2f773e27aa1e9ba806
2021-11-07 10:20:45	71a117de440384fdc4b8fb690fc73674e9e2a9a75e68951ae798374808924264
2021-11-06 21:06:10	b4c599fc64c3786ba699be3e99490f8daaf41cdcdec2921731a7c61899c6b955
2021-11-06 19:51:12	d7223ebba63ac05d33ea06fbf95479f39971ec6c5c6ef93b9d96a7c2fb2cd23d