ThreatFox IOC Database
You are viewing the ThreatFox database entry for ip:port 194.5.98.178:3385.
Database Entry
This IOC expired
This IOC is an old IOC and hence has expired on 2026-06-04 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.
| IOC ID: | 839822 |
|---|---|
| IOC: | 194.5.98.178:3385 |
| IOC Type : | ip:port |
| Threat Type : | botnet_cc |
| Malware: | NetWire RC |
| Malware alias: | NetWeird, NetWire, Recam |
| Confidence Level : | Confidence level is high (100%) |
| Is compromised? : | False |
| ASN: | AS149020 WEBHORIZON-AS-AP |
| Country: |  IN |
| First seen: | 2022-07-27 14:52:21 UTC |
| Last seen: | never |
| UUID: | b827c690-0dbb-11ed-b49e-42010aa4000a |
| Reporter |  AndreGironda |
| Reward | 5 credits from ThreatFox |
| Tags: | NetWire |
| Reference: | https://bazaar.abuse.ch/sample/214751a0d73e0aa9a6f5c010fd3c4fd45d5a2e4f96db8c2875355c399ff3a5bc/ |
AndreGironda
MITRE T1566.001Date: Mon, 25 Jul 2022 01:00-01:30 -0700
Received: from sohoisp.com (129.232.180.165)
Content-Type: multipart/mixed; boundary="===============2018293842=="
MIME-Version: 1.0
Subject: Proof IOf Payment
To: Recipients <>
From: "Nedbank"<>
Reply-To: agood@gmail.com
X-Source:
X-Source-Args:
X-Source-Dir:
Message-ID: <6d29236e-1623-426e-b765-7049920d3496@CO1NAM11FT068.eop-nam11.prod.protection.outlook.com>
Return-Path: <>
Attachment Name: Proof of Payment.iso
ISO-9660 Image SHA256: 9685aa2a29e6fb5a5fff9ff3766b449ea43e5e7b57e1b15e305d6c0ff983ae3b
Contained Executable Name: PROOF OF PAYMENT.exe
Executable SHA256: 214751a0d73e0aa9a6f5c010fd3c4fd45d5a2e4f96db8c2875355c399ff3a5bc