ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 5.206.224.220:81.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	393052
IOC:	5.206.224.220:81
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS47674 NETSOLUTIONS
Country:	PT
First seen:	2022-03-08 17:21:04 UTC
Last seen:	2023-08-01 18:03:38 UTC
UUID:	22428b2d-9f04-11ec-a022-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-03-09 15:35:35	482b3100cc58a2a46a4c3b5bf334a584dee6ebc00ddd810c98cd666a1e1877ac
2022-03-09 12:35:38	018f2af002d120d8f1008f4050a4f25762812a8e24f9cf8c506eff6009546dc8
2022-03-08 23:51:03	067439eef145d00e29640554bedb7458e1e56861ed5a1a9cfaed14205d8682ef
2022-03-08 22:06:09	25a1dd6991b1cb883351b337bf26ed84eaa84b276e9a430e34efa2265d058856
2022-03-08 17:21:08	55a7d2b17477a6d16a1666e267e9bdbb1d6201b0fa07dfb20d2fb5a1b184024d