ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 168.119.241.77:60932.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-17 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	48771
IOC:	168.119.241.77:60932
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS24940 HETZNER-AS
Country:	DE
First seen:	2021-05-19 18:30:23 UTC
Last seen:	2023-08-01 17:57:34 UTC
UUID:	46779914-b8d0-11eb-b17b-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-05-20 13:25:31	f7463d9f62b2a6f831ea4e7bbb071a5db912ac7677bbac7656fdae12f6cf2db1
2021-05-20 05:40:28	c76d31c147adb61e8a9a2bbc2434ef45a6ee77c8b8bda3bdac03fb12f98d1140
2021-05-19 22:05:38	f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf23ffef5c0a982e0f1d1
2021-05-19 18:30:25	3d29b2a1a23b12a5134fbe8b17fe5ba0c87549e5671232eb9e842c2a55ad8f2b