ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 185.215.113.67:30242.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-12 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	259157
IOC:	185.215.113.67:30242
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS51381 ELITETEAM-PEERING-AZ1
Country:	SC
First seen:	2021-12-04 00:46:26 UTC
Last seen:	2023-08-01 17:58:53 UTC
UUID:	9ca1c9f2-549b-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-12-04 21:35:37	cf91e3f791e5a6e9ce4cf4c1765ffdaf0fd8a61382071c2ef7e32e84f7b854ef
2021-12-04 20:30:34	10645f6f4e270d6a9181b7c04c11e5b251caabfe7a2043408d74b6e0184ea48e
2021-12-04 19:56:55	2805be73a04fe26bd831204a0e30a9d629ad5567b9b275291354bf3c7e89b010
2021-12-04 19:32:08	ae60a280257bc6ace0c425c0fd2fc3724bc79775ebacd6050698e07782c3b8fa
2021-12-04 17:27:01	7f33c8fe2dfa30e8e305d2d90b50f3fff90b52d86b3a9aac22b8d45560194244
2021-12-04 16:16:42	542592d8df18ce17532f306f2b60c056657fa50f043c879146858e6bfe9d8a02
2021-12-04 15:07:06	13604e540853b89f87b5aff5f800c13a5e51d443e68c89004f3c32c1bd3f544a
2021-12-04 13:16:49	2d6e500cd05d253993074c7b49112065e6578c0757c599de04849522655ff33d
2021-12-04 12:41:38	b8d14fc026db86eb6186ad872110aea6bdd5d9352cd0cececb26c1c7df953aa2
2021-12-04 12:06:53	981b90f1d189a21e3b3cc5363f369aa6534614cb63dc76de811aacd583a43b30
2021-12-04 11:26:54	42c46e52349c141ca74b1e672e6785a948012acab551b37b97dbe78e0620fceb
2021-12-04 08:11:55	17720f794f8ed7b19821d11379903549ac4b6f83df4104022084a05acde254a6
2021-12-04 08:01:55	7e6888c535be7bfc54222c639a8a3d65d92fa733eec26f113de195842ec1525d
2021-12-04 08:01:52	66798c6d3dc469191b6f79c5847845df119d7cff50d1d271959a28173b930755
2021-12-04 02:46:20	a7ae2843ba9ab452c9588cb8a3cd0a1dc4d66d72d23416238af3e256ac269a89
2021-12-04 00:51:26	29051151777a6f7f0e7ebeab85ed7eaed71029fbbb088785f8598798093e1735