ThreatFox IOC Database

You are viewing the ThreatFox database entry for url http://185.163.204.20/.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	384586
IOC:	http://185.163.204.20/
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Raccoon
Malware alias:	Mohazo, RaccoonStealer, Racealer, Racoon
Confidence Level :	Confidence level is high (100%)
ASN:	AS56322 ServerAstra-AS
Country:	HU
First seen:	2022-02-09 16:56:01 UTC
Last seen:	never
UUID:	2901a65b-89c9-11ec-a022-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RaccoonStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-02-10 16:00:13	5dc7331a3854d359e2813683cfd477ba76e25ce24fea278cbd2d8a5fe37fdd97
2022-02-10 07:05:51	2e0f1121fb42a6a7dc4cd217cf2ec58e3438351e9d4fe150e89c6700c75195ab
2022-02-09 19:01:12	7aba21bd10b88275b4620021abc90e8d0e5f8f0316e8d8c0b883554afc18f8ae
2022-02-09 18:36:02	0b7410c41dd49a7a43487fa0e56f5b336951609e67b873d5cdd70632a954b4a8
2022-02-09 18:25:58	6d2a3832a1b693d9f5eed571212585443e6ee282429160973d67e17736c43629
2022-02-09 16:56:03	ee293203476eb8ec6158876b33a077ceeba8712de8d8e0d1c0aa665f752ef045