ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 45.9.20.111:1355.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	303028
IOC:	45.9.20.111:1355
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
First seen:	2022-01-19 17:42:01 UTC
Last seen:	2023-08-01 18:03:14 UTC
UUID:	1b5e8c31-794f-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-01-20 07:32:08	fe3820ae1da9b861638dc2070d08e82b8ee26a35e18823d61591d27bb08cf7f1
2022-01-20 07:22:39	4256fe966bfd443f9b41d476f77cee30922d695f5e090910709c1d5971e0103a
2022-01-20 07:22:35	ed699fa052ccc691ef9bd36b034dbb76a83a0f3d6aa1a4a1456e781b46292015
2022-01-20 07:02:44	1a19f686e340a2e7a98406adb717d55fa76c2d12e0740565a90ae7eeb8997a16
2022-01-20 06:52:05	68a03036f681dd983cce0963051c546806db97d728baaf14b969432229c3b4f4
2022-01-20 06:52:02	ebcd87682a64fc4d285a4ea0ff59ec860cfb6ba19c8d2e165b5fe69ca3adbbc5
2022-01-20 06:41:44	5169eb4aac96b3333dcf7c0eb628a340f6997c65c54e8728a0f6c8501ae6742f
2022-01-20 06:41:41	c616122ddb20e0572157aad9871b38b1e395187e9a3d6127d2dd17371194527f
2022-01-20 06:37:05	2e6a515f6f0f4c6afeee0504513de753828975c0a0ee4630ccd4474f0ca8e002
2022-01-20 06:37:03	a981e21aac19c98e126737f1ffeb2e4040cca00f393d4c3a9b705baf9df00986
2022-01-20 06:36:59	0abb7a8a9e8ae8584f07303c705ae630899b394028e092b72594b3158b4cdc56
2022-01-20 06:36:57	014d9e246efaad3a91e21a36303842275f2b767245e3989143a75995babb653e
2022-01-20 06:36:54	22a58e79e643f6f422a1394de4fe4e78d2638370815eb23ecae037b99693926a
2022-01-20 06:36:52	0e08cc4751863c2150282dae704864e2b80feb930314ee9b3db331ec8fc4043b
2022-01-20 06:36:49	02a1be5f6bac2f03f8dc06a3b94f346ab67f18b70703b80d91ca47478f6d8c5f
2022-01-20 06:36:46	e3d47cf720441db8fad6021333ef201927e070bda5e781f5c2bb2f95d2d0b137
2022-01-20 06:36:44	a0e3df170ddc6f7fe8298743e0c158175b84c4605650361c51debe34a26a35fa
2022-01-20 06:36:41	aa6c8b3bd5e222cfc5fca5f11da80ca7d751744d5cbda33ad224b43aa5512ce5
2022-01-20 06:36:38	89f576ede7f4b0aa6a91beaab60946c07e1985e858cda3aa7c7df796ccc948c8
2022-01-20 06:36:34	3a164837338491b3a7285f8f8beb5aedb15b42d2ad7359af19076d06c988af23
2022-01-20 06:36:30	59a962cb589533aa961eea182c1d55846502a8cbd1930d5290ab05f3a4ff82a4
2022-01-20 06:36:26	0317255bad96140a5cae78a6f10dc78fb4360fe1d848304261b8de361b64f61e
2022-01-20 06:36:22	4afd8f0abb04d38a4da5ac907b7b6b9812dc7bba6c6020f37c5b6e3a3ee7c54c
2022-01-20 06:36:18	31efdf0a4453bd19ecb92e8dc1b16cdc9552ebbae70dbb2444fa4721c2236994
2022-01-20 06:36:15	335d317b5167a34fac833e99834735f2be480f1156cc5fc623146c470f24eeea
2022-01-20 06:36:13	b1c678f842132577d94f8d26b1d6247a6cff5ebe12c2e3fe9f9add886f49d9b0
2022-01-20 06:36:09	9548cf665a2aa59e9ca2f1938de081932dab4369384e7132d9ae5e64d2823c96
2022-01-20 06:36:07	fe21c6c1d3ae6dfcc4b1e2be99905e4ec9d1249aeb39d5723e54b849784867e0
2022-01-19 18:31:56	a2cac07f9147dff643d6a810b9370d8fc2551a692d95b378fcc7b3086c44193e
2022-01-19 18:17:40	4bcc6de7810aa681f8b770e9b3e7ce2aeace7d59165ba534d34e70f12ecec70f
2022-01-19 18:17:37	73e25ced557e8008074958707573a4d6ad68e3861d04a98a22cfdaed57fab84f
2022-01-19 17:56:56	849beb1413d9750e1bad8a3758dc87053d47fe5cba1528723414c918625e6d27
2022-01-19 17:46:34	0d4ba1ff1ded8ceed68d1af69a463506ea7bfe4c92d4d78082ee5c111077ad98
2022-01-19 17:42:08	560f614418ca04cf5caa6eb9c04f36572fa28fa12aa94a1ed0178305e457a40f
2022-01-19 17:42:03	2a9103251afe0c1ef6438869cd7f2ab6a9cd3ba724d527bd41dc58834a800256