ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 195.133.47.114:38620.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-26 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	259445
IOC:	195.133.47.114:38620
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS9002 RETN-AS
Country:	GB
First seen:	2021-12-04 12:07:20 UTC
Last seen:	2023-08-01 18:00:51 UTC
UUID:	bb739ffb-54fa-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-12-04 23:16:16	8115c0c6764f265cdc4e5b3bf1653293d7074ef7e6f5fbb6faa23f07e2391453
2021-12-04 19:52:56	2805be73a04fe26bd831204a0e30a9d629ad5567b9b275291354bf3c7e89b010
2021-12-04 17:27:33	7f33c8fe2dfa30e8e305d2d90b50f3fff90b52d86b3a9aac22b8d45560194244
2021-12-04 15:07:34	13604e540853b89f87b5aff5f800c13a5e51d443e68c89004f3c32c1bd3f544a
2021-12-04 12:07:21	981b90f1d189a21e3b3cc5363f369aa6534614cb63dc76de811aacd583a43b30