ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 45.9.20.112:57175.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	315764
IOC:	45.9.20.112:57175
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
First seen:	2022-01-24 01:01:08 UTC
Last seen:	2023-08-01 18:03:14 UTC
UUID:	1d7cc507-7cb1-11ec-8ab6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-01-24 23:40:36	c597cfdbbad88fb2d9180f92757cf1099801623d8cf60d2322b64b8d5915b1c9
2022-01-24 22:10:57	b011321c3f977caff0665bb91f5a78ef2486486864c18951ec2dfb19b79f0e47
2022-01-24 21:56:01	29e3821b976a8e1a1c4f39280c3a2c329dac33d773043101f1698dc7dce34aac
2022-01-24 21:35:51	66386e6f1072b7a44ee498e43663acae727008be8f459c00c1ae1304417d8d5f
2022-01-24 21:31:09	a512b25da7a4d9e007b1b6a5dc1600f450f2d25bbe8bd0f4843317f144d2be9b
2022-01-24 21:25:49	c7b95acf9ae3908db86db5f5eba573c7d48c3188971daad4b311b97d49f417e5
2022-01-24 20:16:04	2ac3fed114b0d5d6acca5ce885b2b3126df87e9b601f6077a5e7e82815e34219
2022-01-24 20:16:00	43633799f236be62fcc06fb032bf852afb06998b342bb0ec1872fd895a1fcbd4
2022-01-24 19:46:02	8f465d608d27485c4b93f56d1c7e89c4e9c749360e66bfd1a694516c3329466f
2022-01-24 01:01:13	2c6fb05b3c1bd42eb6d7c969e8020e76ac9bc91811466e2e84cefe6e001302d0