ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 87.251.71.21:50359.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-16 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	66353
IOC:	87.251.71.21:50359
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS207883 KDP-TELECOM-AS
Country:	RU
First seen:	2021-05-28 19:45:26 UTC
Last seen:	2023-08-01 18:05:50 UTC
UUID:	40083335-bfed-11eb-b17b-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2021-05-28 19:45:36	4e9bb871716df27af35ede8b153efa96e131321fa3ced426fce64b893ebd089a
2021-05-28 19:45:35	609f8efc56078e45baeb9bf7905165c1b40f3993ae23cfd295b07bc8964ac62f
2021-05-28 19:45:33	be8762ebc8287f7707ee50b5e769312f33e44deb3e8bd5600da2ff058a6af043
2021-05-28 19:45:30	8271e9ecfcb429a49cb977f6e9586f6adf1a65254934f2312888a50580de9efa
2021-05-28 19:45:27	46e99e70a21a9ecd28e61195f175bea9260eea38b1718f6750166688d955e91e