ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 94.140.113.76:80.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-15 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	381622
IOC:	94.140.113.76:80
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS43513 NANO-AS
Country:	LV
First seen:	2022-02-07 02:11:19 UTC
Last seen:	never
UUID:	3cfde3a9-87bb-11ec-a022-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-02-08 01:34:28	b1800c7c08af465ceebe146c259576b81ecb4e6c20b2ffcfee24ef5c37843e77
2022-02-08 01:34:24	89d25bf598f2ef2016098e14ac9c9ed5d04d0d4f4d2d5495a34fb107c46d290f
2022-02-08 01:34:22	4ce378a5ea71af10bfcbcc5b39dadbeb86718437cc92566a77641222ab2bd44e
2022-02-07 07:21:31	7ffeae85c9e4be6675aa85f9fb8883c9a41960de2f7437be9e41288682329b3c
2022-02-07 06:01:21	51e380e872b007b342e94119d6665cc15ce492964c82799117e50e2f103a5ac3
2022-02-07 02:11:22	154662e41452a11e7545fc61d84e6f3694e7ad0f40354349ca52705c2955fc72