ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 89.223.125.85:80.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	838350
IOC:	89.223.125.85:80
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS9123 TimeWeb-AS
Country:	RU
First seen:	2022-07-18 02:25:30 UTC
Last seen:	never
UUID:	e5140908-0640-11ed-b8d6-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-07-18 05:50:30	5e3ff3fef319f544817fc3e6401d186bca37cb09b1338fc07dc82c0a33620ded
2022-07-18 04:20:31	5b27228c3dcc29a594689bbc6c4d21bfa312e4afa9dd96f54b696d4f9761a48a
2022-07-18 03:30:37	1de2bb52daa96e1d93066c13ae8eeb8301d7448f2b99612f2aeee62f055fa5e7
2022-07-18 03:05:33	4b38b350f7e7e645a6fbd2d1351c477dcd629d4256c557c781967644d2ee9f71
2022-07-18 02:40:32	94fbd83a3ab8cefa4864fa9d969d5c8b27dbe121cb0b591665f6ed00e5c3128b
2022-07-18 02:25:32	b8d71f951ae94bd519875fb41f2441d3132961fad46356d48149be74b7650f5b