ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://159.223.25.220/.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-26 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	357405
IOC:	http://159.223.25.220/
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Raccoon
Malware alias:	Mohazo, RaccoonStealer, Racealer, Racoon
Confidence Level :	Confidence level is high (100%)
ASN:	AS14061 DIGITALOCEAN-ASN
Country:	US
First seen:	2022-01-28 14:26:10 UTC
Last seen:	never
UUID:	3d19f27f-8046-11ec-a824-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RaccoonStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-01-29 12:05:18	5aeeb53a492389bfaaa1a2d15b98324c159ded6cd2e55dd67efb3eba6e4ee270
2022-01-29 10:15:16	024eb21bd037fb35d9a56affa3a4e845585b963f65a4dfdbc5eaa93d5ef950a0
2022-01-29 03:50:34	8a1f3bf6fede5567536ef4d0b5d96451cfb1bea8b6c643752cf8475747410063
2022-01-29 01:25:35	363e106f6ad1800b11928f8b254828c08a5c74b98939578803106e19b3f2db56
2022-01-28 23:05:40	d72ff8708ffeb9a95f559828938dc1439884e7c224579127418e285b1aa1d235
2022-01-28 21:05:33	0b668d0ac89d5da1526be831f7b8c3f2af54c5dbc68c0c9ce886183ec518c051
2022-01-28 14:26:12	98ad02342614a473b078f5b12274fa3c9c78779894750fbb7af82664b9e7ffa8