ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 45.9.20.253:11452.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	287667
IOC:	45.9.20.253:11452
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
First seen:	2021-12-25 19:01:04 UTC
Last seen:	2023-08-01 18:03:16 UTC
UUID:	024b598e-65b5-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-12-26 18:40:18	2992c4b00c678a438b0b935e09e0fd341a44c46fe0dd2f18621570f55133e4df
2021-12-26 12:55:30	380cd876dd3a7dbe477ea7ceaa47e6c72e53a762f0e5e14aabf8c71702325fdd
2021-12-26 06:26:03	a8608c25f43dcab1c8501cb89b796d75b94a0abd260d3cee39a7e56e889326d6
2021-12-25 19:11:02	819c9d8c88fc1ffbfeae1797646f7b90f930fef4dae513fe8e43fad3bf475bf0