ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 37.61.213.242:25027.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-12 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	249614
IOC:	37.61.213.242:25027
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS29066 VELIANET-AS
Country:	DE
First seen:	2021-11-16 09:51:19 UTC
Last seen:	2023-08-01 18:02:13 UTC
UUID:	bf73eddc-46c2-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-11-16 23:06:20	dcf4ecc6d3b70a3e11077862b9e3830806191f0718eecb525a3e7d24246c0287
2021-11-16 20:36:34	1166d4cf3f74f842d946286c590b01b6970640e7dd053d48d8663b1cc2a9b97b
2021-11-16 20:01:35	af3b8311c191d529461c48cdc5af00df25735fab439aa7570685b6c09635bc9c
2021-11-16 18:56:18	cc7e2217428f14e3a06133bdf794f3b6d0736d6903fb1baf9a475e346ae92525
2021-11-16 18:06:38	b5a2bb540684ed8d76719289fb97b63eab089cf39350e06e728ec13e84c81340
2021-11-16 17:11:21	2beac8c979465806b1c3f9e2208ef7956b201b97368dce8293bc948f78c96e96
2021-11-16 16:31:35	37a9569341b5bcf4b75f01e2c5ae73cc9e5b0da434f369fe513328a8f1b989a4
2021-11-16 15:46:17	e58ea2af775f4ae34d100e668d39e11e439579bfe1cd5e0031ebaf65d59c1aa1
2021-11-16 14:11:25	a159446e5616abe7ee2d3f86ba3ff4a8551fd1464f29f6994bc9068c09c3a122
2021-11-16 13:46:31	5241bfe2b10e10c08c3ed731298b27dfd708be81460ad281dab3e6987e41712b
2021-11-16 13:36:14	4979ca2f2836f530e86817c295242d84fab8d641fec826e5d1dd0a9b38cd5f02
2021-11-16 13:26:10	81d0fa573d62f82c6d90109d45b923ba28d40a628a03d9d6d1ad46dd69b43f07
2021-11-16 09:51:21	1d5cd8d7dc8c3bf896e0b16d04ea130bf252ebbf10ff0742b3d125c2a4e84ce7