ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 45.9.20.101:23970.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-13 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	292069
IOC:	45.9.20.101:23970
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
First seen:	2022-01-09 15:06:01 UTC
Last seen:	never
UUID:	a8cca4ce-715d-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-01-09 19:15:53	1b8192ec7f52e9056f5f2c83f0a9c56c83469575fded613e6ae7c1f3505a3c1d
2022-01-09 18:21:06	40e53888088f51617c2460792d953c5d3a8503eb17c3389614d3f8412bf1661d
2022-01-09 18:16:06	0d018bef7dc5e274d5589cd9af8e49419cbf52bdfb9cd7d19e480c63263f9dd6
2022-01-09 18:16:03	2b8d595d4763ee7ae46bf143f394fe9239d2a0d1a77dea9d2f69cfb5e253c042
2022-01-09 17:45:52	08a6dfeb7adf5eb90703abfab6c1f24a9f93c79e6287213f695c44f0181644ec
2022-01-09 16:21:05	492ee4f4523bbce520cee6d63b3175a720ba7f7f5d6a8adddfff58d0ac909fe9
2022-01-09 15:16:02	56c6e786a980422a6dc322c54dee750a936f4f143d268053d392a4486c10b5d3
2022-01-09 15:06:04	55f429935a1ccd1ded86968c7ee688a3169031789ce4b1c23ad2375daef8d911