ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 45.9.20.149:42871.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	260111
IOC:	45.9.20.149:42871
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
First seen:	2021-12-06 03:55:57 UTC
Last seen:	never
UUID:	6b303af4-5648-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-12-07 03:40:28	37a69c08e620bc15bedc0b2d3288a621c6ced511017433d3b8e2e5bb7e2155d6
2021-12-07 02:25:52	4666b3a3039e2dc192d56d4ae00d1935e6b3749e05a7e6cc0342414cea8b546f
2021-12-07 02:20:47	18043164cd4ac2d77236cfb68b40ff466c6745d0d7647077ad8b161d84523995
2021-12-07 02:10:44	e2d05e5660b4cae33a0283efa07c052bf7f2c776e782004e8f690bbf3ae6f48c
2021-12-06 12:56:10	304d44b59e457f07939380678b8fb59b1f6b4bd449bcaacf87aa150c3fa311e6
2021-12-06 11:36:47	d0a2d38c92632c54e617a3a347f36fa57baeda485329bfc4504b472101b65b73
2021-12-06 10:01:27	972b5ebdc8a6dbbf4e3033d3053cc3ba5fecc429af0c4fa020213e3c621504d7
2021-12-06 09:16:18	e2566524bc3426344ecf9dd2376f52a25eceede6968fc255028caabfb6f32074
2021-12-06 08:05:58	8ffa24a981275d475221beac23988667f62a98a4ef19a420f9bb1fcd8a763340
2021-12-06 06:01:01	bec84374ec69284617428819047e712e66452381442e679d8b882b2db41ffbce
2021-12-06 04:11:08	c62d71d8d8394949fe7d834f4026833b06dfb6b3c06c54fd1014e1fc13428726
2021-12-06 04:06:00	9c6fa478118c7e8e76636754a40396924323fa5731609ded0d1b44113db461e1
2021-12-06 03:56:01	ee3e7d2742d255dff6fd48dad7a579290559f3c014ddc0bed1781a4a89c6d5a8